diff --git a/schemas/2016-03-30/Microsoft.ContainerService.Aks.json b/schemas/2016-03-30/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 28b9fb68b2..0000000000 --- a/schemas/2016-03-30/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,413 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2016-03-30/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "containerServices": { - "description": "Microsoft.ContainerService/containerServices", - "properties": { - "apiVersion": { - "enum": [ - "2016-03-30" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the container service in the specified subscription and resource group.", - "type": "string" - }, - "properties": { - "description": "Properties of the container service.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/containerServices" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for the agent pool.", - "type": "string" - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A0", - "Standard_A1", - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A9", - "Standard_A10", - "Standard_A11", - "Standard_D1", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_D1_v2", - "Standard_D2_v2", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_DS1", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "vmSize", - "dnsPrefix" - ], - "type": "object" - }, - "ContainerServiceDiagnosticsProfile": { - "properties": { - "vmDiagnostics": { - "description": "Profile for the container service VM diagnostic agent.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceVMDiagnostics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "vmDiagnostics" - ], - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for all Linux VMs", - "type": "string" - }, - "ssh": { - "description": "The ssh key configuration for Linux VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceMasterProfile": { - "description": "Profile for the container service master.", - "properties": { - "count": { - "description": "Number of masters (VMs) in the container service cluster. Allowed values are 1, 3, and 5. The default value is 1.", - "oneOf": [ - { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for master.", - "type": "string" - } - }, - "required": [ - "dnsPrefix" - ], - "type": "object" - }, - "ContainerServiceOrchestratorProfile": { - "description": "Profile for the container service orchestrator.", - "properties": { - "orchestratorType": { - "description": "The orchestrator to use to manage container service cluster resources. Valid values are Swarm, DCOS, and Custom.", - "oneOf": [ - { - "enum": [ - "Swarm", - "DCOS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "orchestratorType" - ], - "type": "object" - }, - "ContainerServiceProperties": { - "description": "Properties of the container service.", - "properties": { - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diagnosticsProfile": { - "description": "Properties of the diagnostic agent.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceDiagnosticsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxProfile": { - "description": "Properties of Linux VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "masterProfile": { - "description": "Properties of master agents.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceMasterProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorProfile": { - "description": "Properties of the orchestrator.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceOrchestratorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Properties of Windows VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "masterProfile", - "agentPoolProfiles", - "linuxProfile" - ], - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "the list of SSH public keys used to authenticate with Linux-based VMs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ContainerServiceVMDiagnostics": { - "description": "Profile for diagnostics on the container service VMs.", - "properties": { - "enabled": { - "description": "Whether the VM diagnostic agent is provisioned on the VM.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ContainerServiceWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "The administrator password to use for Windows VMs", - "type": "string" - }, - "adminUsername": { - "description": "The administrator username to use for Windows VMs", - "type": "string" - } - }, - "required": [ - "adminUsername", - "adminPassword" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2016-09-30/Microsoft.ContainerService.Aks.json b/schemas/2016-09-30/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 566912850f..0000000000 --- a/schemas/2016-09-30/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,493 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2016-09-30/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "containerServices": { - "description": "Microsoft.ContainerService/containerServices", - "properties": { - "apiVersion": { - "enum": [ - "2016-09-30" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the container service in the specified subscription and resource group.", - "type": "string" - }, - "properties": { - "description": "Properties of the container service.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/containerServices" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for the agent pool.", - "type": "string" - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A0", - "Standard_A1", - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A9", - "Standard_A10", - "Standard_A11", - "Standard_D1", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_D1_v2", - "Standard_D2_v2", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_DS1", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "count", - "vmSize", - "dnsPrefix" - ], - "type": "object" - }, - "ContainerServiceCustomProfile": { - "description": "Properties to configure a custom container service cluster.", - "properties": { - "orchestrator": { - "description": "The name of the custom orchestrator to use.", - "type": "string" - } - }, - "required": [ - "orchestrator" - ], - "type": "object" - }, - "ContainerServiceDiagnosticsProfile": { - "properties": { - "vmDiagnostics": { - "description": "Profile for the container service VM diagnostic agent.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceVMDiagnostics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "vmDiagnostics" - ], - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9_-]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The ssh key configuration for Linux VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceMasterProfile": { - "description": "Profile for the container service master.", - "properties": { - "count": { - "description": "Number of masters (VMs) in the container service cluster. Allowed values are 1, 3, and 5. The default value is 1.", - "oneOf": [ - { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for master.", - "type": "string" - } - }, - "required": [ - "dnsPrefix" - ], - "type": "object" - }, - "ContainerServiceOrchestratorProfile": { - "description": "Profile for the container service orchestrator.", - "properties": { - "orchestratorType": { - "description": "The orchestrator to use to manage container service cluster resources. Valid values are Swarm, DCOS, and Custom.", - "oneOf": [ - { - "enum": [ - "Swarm", - "DCOS", - "Custom", - "Kubernetes" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "orchestratorType" - ], - "type": "object" - }, - "ContainerServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal.", - "type": "string" - } - }, - "required": [ - "clientId", - "secret" - ], - "type": "object" - }, - "ContainerServiceProperties": { - "description": "Properties of the container service.", - "properties": { - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customProfile": { - "description": "Properties for custom clusters.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceCustomProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diagnosticsProfile": { - "description": "Properties of the diagnostic agent.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceDiagnosticsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxProfile": { - "description": "Properties of Linux VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "masterProfile": { - "description": "Properties of master agents.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceMasterProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorProfile": { - "description": "Properties of the orchestrator.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceOrchestratorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Properties for cluster service principals.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Properties of Windows VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "masterProfile", - "agentPoolProfiles", - "linuxProfile" - ], - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "the list of SSH public keys used to authenticate with Linux-based VMs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ContainerServiceVMDiagnostics": { - "description": "Profile for diagnostics on the container service VMs.", - "properties": { - "enabled": { - "description": "Whether the VM diagnostic agent is provisioned on the VM.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ContainerServiceWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "The administrator password to use for Windows VMs.", - "oneOf": [ - { - "pattern": "^(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%\\^&\\*\\(\\)])[a-zA-Z\\d!@#$%\\^&\\*\\(\\)]{12,123}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "adminUsername": { - "description": "The administrator username to use for Windows VMs.", - "oneOf": [ - { - "pattern": "^[a-zA-Z0-9]+([._]?[a-zA-Z0-9]+)*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "adminPassword" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2017-01-31/Microsoft.ContainerService.Aks.json b/schemas/2017-01-31/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 737c9e878b..0000000000 --- a/schemas/2017-01-31/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,493 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2017-01-31/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "containerServices": { - "description": "Microsoft.ContainerService/containerServices", - "properties": { - "apiVersion": { - "enum": [ - "2017-01-31" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the container service in the specified subscription and resource group.", - "type": "string" - }, - "properties": { - "description": "Properties of the container service.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/containerServices" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for the agent pool.", - "type": "string" - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A0", - "Standard_A1", - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A9", - "Standard_A10", - "Standard_A11", - "Standard_D1", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_D1_v2", - "Standard_D2_v2", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_DS1", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "count", - "vmSize", - "dnsPrefix" - ], - "type": "object" - }, - "ContainerServiceCustomProfile": { - "description": "Properties to configure a custom container service cluster.", - "properties": { - "orchestrator": { - "description": "The name of the custom orchestrator to use.", - "type": "string" - } - }, - "required": [ - "orchestrator" - ], - "type": "object" - }, - "ContainerServiceDiagnosticsProfile": { - "properties": { - "vmDiagnostics": { - "description": "Profile for the container service VM diagnostic agent.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceVMDiagnostics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "vmDiagnostics" - ], - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9_-]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The ssh key configuration for Linux VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceMasterProfile": { - "description": "Profile for the container service master.", - "properties": { - "count": { - "description": "Number of masters (VMs) in the container service cluster. Allowed values are 1, 3, and 5. The default value is 1.", - "oneOf": [ - { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for master.", - "type": "string" - } - }, - "required": [ - "dnsPrefix" - ], - "type": "object" - }, - "ContainerServiceOrchestratorProfile": { - "description": "Profile for the container service orchestrator.", - "properties": { - "orchestratorType": { - "description": "The orchestrator to use to manage container service cluster resources. Valid values are Swarm, DCOS, and Custom.", - "oneOf": [ - { - "enum": [ - "Swarm", - "DCOS", - "Custom", - "Kubernetes" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "orchestratorType" - ], - "type": "object" - }, - "ContainerServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal.", - "type": "string" - } - }, - "required": [ - "clientId", - "secret" - ], - "type": "object" - }, - "ContainerServiceProperties": { - "description": "Properties of the container service.", - "properties": { - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customProfile": { - "description": "Properties for custom clusters.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceCustomProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diagnosticsProfile": { - "description": "Properties of the diagnostic agent.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceDiagnosticsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxProfile": { - "description": "Properties of Linux VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "masterProfile": { - "description": "Properties of master agents.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceMasterProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorProfile": { - "description": "Properties of the orchestrator.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceOrchestratorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Properties for cluster service principals.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Properties of Windows VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "masterProfile", - "agentPoolProfiles", - "linuxProfile" - ], - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "the list of SSH public keys used to authenticate with Linux-based VMs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ContainerServiceVMDiagnostics": { - "description": "Profile for diagnostics on the container service VMs.", - "properties": { - "enabled": { - "description": "Whether the VM diagnostic agent is provisioned on the VM.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ContainerServiceWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "The administrator password to use for Windows VMs.", - "oneOf": [ - { - "pattern": "^(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%\\^&\\*\\(\\)])[a-zA-Z\\d!@#$%\\^&\\*\\(\\)]{12,123}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "adminUsername": { - "description": "The administrator username to use for Windows VMs.", - "oneOf": [ - { - "pattern": "^[a-zA-Z0-9]+([._]?[a-zA-Z0-9]+)*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "adminPassword" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2017-07-01/Microsoft.ContainerService.Aks.json b/schemas/2017-07-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 24cbd0ae1c..0000000000 --- a/schemas/2017-07-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,943 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2017-07-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "containerServices": { - "description": "Microsoft.ContainerService/containerServices", - "properties": { - "apiVersion": { - "enum": [ - "2017-07-01" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the container service in the specified subscription and resource group.", - "type": "string" - }, - "properties": { - "description": "Properties of the container service.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/containerServices" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for the agent pool.", - "type": "string" - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ports": { - "description": "Ports number array used to expose on this agent pool. The default opened ports are different based on your choice of orchestrator.", - "oneOf": [ - { - "items": { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile specifies what kind of storage used. Choose from StorageAccount and ManagedDisks. Leave it empty, we will choose for you based on the orchestrator choice.", - "oneOf": [ - { - "enum": [ - "StorageAccount", - "ManagedDisks" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name", - "vmSize" - ], - "type": "object" - }, - "ContainerServiceCustomProfile": { - "description": "Properties to configure a custom container service cluster.", - "properties": { - "orchestrator": { - "description": "The name of the custom orchestrator to use.", - "type": "string" - } - }, - "required": [ - "orchestrator" - ], - "type": "object" - }, - "ContainerServiceDiagnosticsProfile": { - "description": "Profile for diagnostics on the container service cluster.", - "properties": { - "vmDiagnostics": { - "description": "Profile for diagnostics on the container service VMs.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceVMDiagnostics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "vmDiagnostics" - ], - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceMasterProfile": { - "description": "Profile for the container service master.", - "properties": { - "count": { - "description": "Number of masters (VMs) in the container service cluster. Allowed values are 1, 3, and 5. The default value is 1.", - "oneOf": [ - { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for the master pool.", - "type": "string" - }, - "firstConsecutiveStaticIP": { - "description": "FirstConsecutiveStaticIP used to specify the first static ip of masters.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile specifies what kind of storage used. Choose from StorageAccount and ManagedDisks. Leave it empty, we will choose for you based on the orchestrator choice.", - "oneOf": [ - { - "enum": [ - "StorageAccount", - "ManagedDisks" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "dnsPrefix", - "vmSize" - ], - "type": "object" - }, - "ContainerServiceOrchestratorProfile": { - "description": "Profile for the container service orchestrator.", - "properties": { - "orchestratorType": { - "description": "The orchestrator to use to manage container service cluster resources. Valid values are Kubernetes, Swarm, DCOS, DockerCE and Custom.", - "oneOf": [ - { - "enum": [ - "Kubernetes", - "Swarm", - "DCOS", - "DockerCE", - "Custom" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "The version of the orchestrator to use. You can specify the major.minor.patch part of the actual version.For example, you can specify version as \"1.6.11\".", - "type": "string" - } - }, - "required": [ - "orchestratorType" - ], - "type": "object" - }, - "ContainerServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs. Either secret or keyVaultSecretRef must be specified.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "keyVaultSecretRef": { - "description": "Reference to a secret stored in Azure Key Vault.", - "oneOf": [ - { - "$ref": "#/definitions/KeyVaultSecretRef" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ContainerServiceProperties": { - "description": "Properties of the container service.", - "properties": { - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customProfile": { - "description": "Properties to configure a custom container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceCustomProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diagnosticsProfile": { - "description": "Profile for diagnostics in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceDiagnosticsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "masterProfile": { - "description": "Profile for the container service master.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceMasterProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorProfile": { - "description": "Profile for the container service orchestrator.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceOrchestratorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs. Exact one of secret or keyVaultSecretRef need to be specified.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "orchestratorProfile", - "masterProfile", - "linuxProfile" - ], - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ContainerServiceVMDiagnostics": { - "description": "Profile for diagnostics on the container service VMs.", - "properties": { - "enabled": { - "description": "Whether the VM diagnostic agent is provisioned on the VM.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ContainerServiceWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "The administrator password to use for Windows VMs.", - "oneOf": [ - { - "pattern": "^(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%\\^&\\*\\(\\)])[a-zA-Z\\d!@#$%\\^&\\*\\(\\)]{12,123}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "adminUsername": { - "description": "The administrator username to use for Windows VMs.", - "oneOf": [ - { - "pattern": "^[a-zA-Z0-9]+([._]?[a-zA-Z0-9]+)*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "adminPassword" - ], - "type": "object" - }, - "KeyVaultSecretRef": { - "description": "Reference to a secret stored in Azure Key Vault.", - "properties": { - "secretName": { - "description": "The secret name.", - "type": "string" - }, - "vaultID": { - "description": "Key vault identifier.", - "type": "string" - }, - "version": { - "description": "The secret version.", - "type": "string" - } - }, - "required": [ - "vaultID", - "secretName" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2017-08-31/Microsoft.ContainerService.Aks.json b/schemas/2017-08-31/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 934b330c30..0000000000 --- a/schemas/2017-08-31/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,518 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2017-08-31/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2017-08-31" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "type": "string" - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix to be used to create the FQDN for the agent pool.", - "type": "string" - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ports": { - "description": "Ports number array used to expose on this agent pool. The default opened ports are different based on your choice of orchestrator.", - "oneOf": [ - { - "items": { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile specifies what kind of storage used. Choose from StorageAccount and ManagedDisks. Leave it empty, we will choose for you based on the orchestrator choice.", - "oneOf": [ - { - "enum": [ - "StorageAccount", - "ManagedDisks" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name", - "vmSize" - ], - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs. Either secret or keyVaultSecretRef must be specified.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "keyVaultSecretRef": { - "description": "Reference to a secret stored in Azure Key Vault.", - "oneOf": [ - { - "$ref": "#/definitions/KeyVaultSecretRef" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "KeyVaultSecretRef": { - "description": "Reference to a secret stored in Azure Key Vault.", - "properties": { - "secretName": { - "description": "The secret name.", - "type": "string" - }, - "vaultID": { - "description": "Key vault identifier.", - "type": "string" - }, - "version": { - "description": "The secret version.", - "type": "string" - } - }, - "required": [ - "vaultID", - "secretName" - ], - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs. Either secret or keyVaultSecretRef must be specified.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2018-03-31/Microsoft.ContainerService.Aks.json b/schemas/2018-03-31/Microsoft.ContainerService.Aks.json deleted file mode 100644 index b359f2b6b3..0000000000 --- a/schemas/2018-03-31/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,661 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2018-03-31/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2018-03-31" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "type": "string" - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name", - "vmSize" - ], - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool. Currently only one agent pool can exist.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2018-08-01-preview/Microsoft.ContainerService.Aks.json b/schemas/2018-08-01-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index b50443c5d2..0000000000 --- a/schemas/2018-08-01-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,702 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2018-08-01-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2018-08-01-preview" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "type": "string" - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name", - "count", - "vmSize" - ], - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2018-09-30-preview/Microsoft.ContainerService.Aks.json b/schemas/2018-09-30-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 588c6fb9f6..0000000000 --- a/schemas/2018-09-30-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,486 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2018-09-30-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "openShiftManagedClusters": { - "description": "Microsoft.ContainerService/openShiftManagedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2018-09-30-preview" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the OpenShift managed cluster resource.", - "type": "string" - }, - "plan": { - "description": "Define the resource plan as required by ARM for billing purposes", - "oneOf": [ - { - "$ref": "#/definitions/PurchasePlan" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a OpenShift managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/openShiftManagedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "NetworkProfile": { - "description": "Represents the OpenShift networking configuration", - "properties": { - "peerVnetId": { - "description": "CIDR of the Vnet to peer.", - "type": "string" - }, - "vnetCidr": { - "description": "CIDR for the OpenShift Vnet.", - "type": "string" - } - }, - "type": "object" - }, - "OpenShiftManagedClusterAgentPoolProfile": { - "description": "Defines the configuration of the OpenShift cluster VMs.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "role": { - "description": "Define the role of the AgentPoolProfile.", - "oneOf": [ - { - "enum": [ - "compute", - "infra" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "subnetCidr": { - "description": "Subnet CIDR for the peering.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D64s_v3", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_F8s_v2", - "Standard_F16s_v2", - "Standard_F32s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8s", - "Standard_F16s", - "Standard_E4s_v3", - "Standard_E8s_v3", - "Standard_E16s_v3", - "Standard_E20s_v3", - "Standard_E32s_v3", - "Standard_E64s_v3", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_L4s", - "Standard_L8s", - "Standard_L16s", - "Standard_L32s" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "count", - "vmSize" - ], - "type": "object" - }, - "OpenShiftManagedClusterAuthProfile": { - "description": "Defines all possible authentication profiles for the OpenShift cluster.", - "properties": { - "identityProviders": { - "description": "Type of authentication profile to use.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftManagedClusterIdentityProvider" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterBaseIdentityProvider": { - "description": "Structure for any Identity provider.", - "oneOf": [ - { - "description": "Defines the Identity provider for MS AAD.", - "properties": { - "clientId": { - "description": "The clientId password associated with the provider.", - "type": "string" - }, - "customerAdminGroupId": { - "description": "The groupId to be granted cluster admin role.", - "type": "string" - }, - "kind": { - "enum": [ - "AADIdentityProvider" - ], - "type": "string" - }, - "secret": { - "description": "The secret password associated with the provider.", - "type": "string" - }, - "tenantId": { - "description": "The tenantId associated with the provider.", - "type": "string" - } - }, - "required": [ - "kind" - ], - "type": "object" - } - ], - "properties": {}, - "type": "object" - }, - "OpenShiftManagedClusterIdentityProvider": { - "description": "Defines the configuration of the identity providers to be used in the OpenShift cluster.", - "properties": { - "name": { - "description": "Name of the provider.", - "type": "string" - }, - "provider": { - "description": "Configuration of the provider.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterBaseIdentityProvider" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterMasterPoolProfile": { - "description": "OpenShiftManagedClusterMaterPoolProfile contains configuration for OpenShift master VMs.", - "properties": { - "count": { - "description": "Number of masters (VMs) to host docker containers. The default value is 3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the master pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "subnetCidr": { - "description": "Subnet CIDR for the peering.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D64s_v3", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_F8s_v2", - "Standard_F16s_v2", - "Standard_F32s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8s", - "Standard_F16s", - "Standard_E4s_v3", - "Standard_E8s_v3", - "Standard_E16s_v3", - "Standard_E20s_v3", - "Standard_E32s_v3", - "Standard_E64s_v3", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_L4s", - "Standard_L8s", - "Standard_L16s", - "Standard_L32s" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "count", - "vmSize" - ], - "type": "object" - }, - "OpenShiftManagedClusterProperties": { - "description": "Properties of the OpenShift managed cluster.", - "properties": { - "agentPoolProfiles": { - "description": "Configuration of OpenShift cluster VMs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "authProfile": { - "description": "Configures OpenShift authentication.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterAuthProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdn": { - "description": "User-specified FQDN for OpenShift API server loadbalancer internal hostname.", - "type": "string" - }, - "masterPoolProfile": { - "description": "Configuration for OpenShift master VMs.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterMasterPoolProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Configuration for OpenShift networking.", - "oneOf": [ - { - "$ref": "#/definitions/NetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "openShiftVersion": { - "description": "Version of OpenShift specified when creating the cluster.", - "type": "string" - }, - "publicHostname": { - "description": "Optional user-specified FQDN for OpenShift API server.", - "type": "string" - }, - "routerProfiles": { - "description": "Configuration for OpenShift router(s).", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftRouterProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "openShiftVersion" - ], - "type": "object" - }, - "OpenShiftRouterProfile": { - "description": "Represents an OpenShift router", - "properties": { - "name": { - "description": "Name of the router profile.", - "type": "string" - }, - "publicSubdomain": { - "description": "DNS subdomain for OpenShift router.", - "type": "string" - } - }, - "type": "object" - }, - "PurchasePlan": { - "description": "Used for establishing the purchase context of any 3rd Party artifact through MarketPlace.", - "properties": { - "name": { - "description": "The plan ID.", - "type": "string" - }, - "product": { - "description": "Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.", - "type": "string" - }, - "promotionCode": { - "description": "The promotion code.", - "type": "string" - }, - "publisher": { - "description": "The plan ID.", - "type": "string" - } - }, - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-02-01/Microsoft.ContainerService.Aks.json b/schemas/2019-02-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 316ca7aa2b..0000000000 --- a/schemas/2019-02-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1161 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-02-01" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "type": "string" - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name", - "count", - "vmSize" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "count", - "vmSize" - ], - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAuthorizedIPRanges": { - "description": "(PREVIEW) Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-04-01/Microsoft.ContainerService.Aks.json b/schemas/2019-04-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 66f344ba62..0000000000 --- a/schemas/2019-04-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1250 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-04-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-04-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name", - "count", - "vmSize" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "count", - "vmSize" - ], - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAuthorizedIPRanges": { - "description": "(PREVIEW) Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-04-30/Microsoft.ContainerService.Aks.json b/schemas/2019-04-30/Microsoft.ContainerService.Aks.json deleted file mode 100644 index a6f3a2fa74..0000000000 --- a/schemas/2019-04-30/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,478 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-04-30/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "openShiftManagedClusters": { - "description": "Microsoft.ContainerService/openShiftManagedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-04-30" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the OpenShift managed cluster resource.", - "type": "string" - }, - "plan": { - "description": "Define the resource plan as required by ARM for billing purposes", - "oneOf": [ - { - "$ref": "#/definitions/PurchasePlan" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a OpenShift managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/openShiftManagedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "NetworkProfile": { - "description": "Represents the OpenShift networking configuration", - "properties": { - "peerVnetId": { - "description": "CIDR of the Vnet to peer.", - "type": "string" - }, - "vnetCidr": { - "description": "CIDR for the OpenShift Vnet.", - "type": "string" - }, - "vnetId": { - "description": "ID of the Vnet created for OSA cluster.", - "type": "string" - } - }, - "type": "object" - }, - "OpenShiftManagedClusterAgentPoolProfile": { - "description": "Defines the configuration of the OpenShift cluster VMs.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "role": { - "description": "Define the role of the AgentPoolProfile.", - "oneOf": [ - { - "enum": [ - "compute", - "infra" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "subnetCidr": { - "description": "Subnet CIDR for the peering.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D64s_v3", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_F8s_v2", - "Standard_F16s_v2", - "Standard_F32s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8s", - "Standard_F16s", - "Standard_E4s_v3", - "Standard_E8s_v3", - "Standard_E16s_v3", - "Standard_E20s_v3", - "Standard_E32s_v3", - "Standard_E64s_v3", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_L4s", - "Standard_L8s", - "Standard_L16s", - "Standard_L32s" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "count", - "vmSize" - ], - "type": "object" - }, - "OpenShiftManagedClusterAuthProfile": { - "description": "Defines all possible authentication profiles for the OpenShift cluster.", - "properties": { - "identityProviders": { - "description": "Type of authentication profile to use.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftManagedClusterIdentityProvider" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterBaseIdentityProvider": { - "description": "Structure for any Identity provider.", - "oneOf": [ - { - "description": "Defines the Identity provider for MS AAD.", - "properties": { - "clientId": { - "description": "The clientId password associated with the provider.", - "type": "string" - }, - "customerAdminGroupId": { - "description": "The groupId to be granted cluster admin role.", - "type": "string" - }, - "kind": { - "enum": [ - "AADIdentityProvider" - ], - "type": "string" - }, - "secret": { - "description": "The secret password associated with the provider.", - "type": "string" - }, - "tenantId": { - "description": "The tenantId associated with the provider.", - "type": "string" - } - }, - "required": [ - "kind" - ], - "type": "object" - } - ], - "properties": {}, - "type": "object" - }, - "OpenShiftManagedClusterIdentityProvider": { - "description": "Defines the configuration of the identity providers to be used in the OpenShift cluster.", - "properties": { - "name": { - "description": "Name of the provider.", - "type": "string" - }, - "provider": { - "description": "Configuration of the provider.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterBaseIdentityProvider" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterMasterPoolProfile": { - "description": "OpenShiftManagedClusterMaterPoolProfile contains configuration for OpenShift master VMs.", - "properties": { - "count": { - "description": "Number of masters (VMs) to host docker containers. The default value is 3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the master pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "subnetCidr": { - "description": "Subnet CIDR for the peering.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D64s_v3", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_F8s_v2", - "Standard_F16s_v2", - "Standard_F32s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8s", - "Standard_F16s", - "Standard_E4s_v3", - "Standard_E8s_v3", - "Standard_E16s_v3", - "Standard_E20s_v3", - "Standard_E32s_v3", - "Standard_E64s_v3", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_L4s", - "Standard_L8s", - "Standard_L16s", - "Standard_L32s" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "count", - "vmSize" - ], - "type": "object" - }, - "OpenShiftManagedClusterProperties": { - "description": "Properties of the OpenShift managed cluster.", - "properties": { - "agentPoolProfiles": { - "description": "Configuration of OpenShift cluster VMs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "authProfile": { - "description": "Configures OpenShift authentication.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterAuthProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "masterPoolProfile": { - "description": "Configuration for OpenShift master VMs.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterMasterPoolProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Configuration for OpenShift networking.", - "oneOf": [ - { - "$ref": "#/definitions/NetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "openShiftVersion": { - "description": "Version of OpenShift specified when creating the cluster.", - "type": "string" - }, - "routerProfiles": { - "description": "Configuration for OpenShift router(s).", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftRouterProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "openShiftVersion" - ], - "type": "object" - }, - "OpenShiftRouterProfile": { - "description": "Represents an OpenShift router", - "properties": { - "name": { - "description": "Name of the router profile.", - "type": "string" - } - }, - "type": "object" - }, - "PurchasePlan": { - "description": "Used for establishing the purchase context of any 3rd Party artifact through MarketPlace.", - "properties": { - "name": { - "description": "The plan ID.", - "type": "string" - }, - "product": { - "description": "Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.", - "type": "string" - }, - "promotionCode": { - "description": "The promotion code.", - "type": "string" - }, - "publisher": { - "description": "The plan ID.", - "type": "string" - } - }, - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-06-01/Microsoft.ContainerService.Aks.json b/schemas/2019-06-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 41e0b714f1..0000000000 --- a/schemas/2019-06-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1350 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-06-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-06-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAuthorizedIPRanges": { - "description": "(PREVIEW) Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-08-01/Microsoft.ContainerService.Aks.json b/schemas/2019-08-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index ea4d9e8962..0000000000 --- a/schemas/2019-08-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1511 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-08-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-09-30-preview/Microsoft.ContainerService.Aks.json b/schemas/2019-09-30-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index af17ba0436..0000000000 --- a/schemas/2019-09-30-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,510 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-09-30-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "openShiftManagedClusters": { - "description": "Microsoft.ContainerService/openShiftManagedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-09-30-preview" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the OpenShift managed cluster resource.", - "type": "string" - }, - "plan": { - "description": "Define the resource plan as required by ARM for billing purposes", - "oneOf": [ - { - "$ref": "#/definitions/PurchasePlan" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a OpenShift managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/openShiftManagedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "NetworkProfile": { - "description": "Represents the OpenShift networking configuration", - "properties": { - "peerVnetId": { - "description": "CIDR of the Vnet to peer.", - "type": "string" - }, - "vnetCidr": { - "description": "CIDR for the OpenShift Vnet.", - "type": "string" - }, - "vnetId": { - "description": "ID of the Vnet created for OSA cluster.", - "type": "string" - } - }, - "type": "object" - }, - "OpenShiftManagedClusterAgentPoolProfile": { - "description": "Defines the configuration of the OpenShift cluster VMs.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "role": { - "description": "Define the role of the AgentPoolProfile.", - "oneOf": [ - { - "enum": [ - "compute", - "infra" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "subnetCidr": { - "description": "Subnet CIDR for the peering.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D64s_v3", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_F8s_v2", - "Standard_F16s_v2", - "Standard_F32s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8s", - "Standard_F16s", - "Standard_E4s_v3", - "Standard_E8s_v3", - "Standard_E16s_v3", - "Standard_E20s_v3", - "Standard_E32s_v3", - "Standard_E64s_v3", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_L4s", - "Standard_L8s", - "Standard_L16s", - "Standard_L32s" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "count", - "vmSize" - ], - "type": "object" - }, - "OpenShiftManagedClusterAuthProfile": { - "description": "Defines all possible authentication profiles for the OpenShift cluster.", - "properties": { - "identityProviders": { - "description": "Type of authentication profile to use.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftManagedClusterIdentityProvider" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterBaseIdentityProvider": { - "description": "Structure for any Identity provider.", - "oneOf": [ - { - "description": "Defines the Identity provider for MS AAD.", - "properties": { - "clientId": { - "description": "The clientId password associated with the provider.", - "type": "string" - }, - "customerAdminGroupId": { - "description": "The groupId to be granted cluster admin role.", - "type": "string" - }, - "kind": { - "enum": [ - "AADIdentityProvider" - ], - "type": "string" - }, - "secret": { - "description": "The secret password associated with the provider.", - "type": "string" - }, - "tenantId": { - "description": "The tenantId associated with the provider.", - "type": "string" - } - }, - "required": [ - "kind" - ], - "type": "object" - } - ], - "properties": {}, - "type": "object" - }, - "OpenShiftManagedClusterIdentityProvider": { - "description": "Defines the configuration of the identity providers to be used in the OpenShift cluster.", - "properties": { - "name": { - "description": "Name of the provider.", - "type": "string" - }, - "provider": { - "description": "Configuration of the provider.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterBaseIdentityProvider" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterMasterPoolProfile": { - "description": "OpenShiftManagedClusterMaterPoolProfile contains configuration for OpenShift master VMs.", - "properties": { - "count": { - "description": "Number of masters (VMs) to host docker containers. The default value is 3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the master pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "subnetCidr": { - "description": "Subnet CIDR for the peering.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D64s_v3", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_F8s_v2", - "Standard_F16s_v2", - "Standard_F32s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8s", - "Standard_F16s", - "Standard_E4s_v3", - "Standard_E8s_v3", - "Standard_E16s_v3", - "Standard_E20s_v3", - "Standard_E32s_v3", - "Standard_E64s_v3", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_L4s", - "Standard_L8s", - "Standard_L16s", - "Standard_L32s" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "count", - "vmSize" - ], - "type": "object" - }, - "OpenShiftManagedClusterMonitorProfile": { - "description": "Defines the configuration for Log Analytics integration.", - "properties": { - "enabled": { - "description": "If the Log analytics integration should be turned on or off", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workspaceResourceID": { - "description": "Azure Resource Manager Resource ID for the Log Analytics workspace to integrate with.", - "type": "string" - } - }, - "type": "object" - }, - "OpenShiftManagedClusterProperties": { - "description": "Properties of the OpenShift managed cluster.", - "properties": { - "agentPoolProfiles": { - "description": "Configuration of OpenShift cluster VMs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "authProfile": { - "description": "Configures OpenShift authentication.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterAuthProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "masterPoolProfile": { - "description": "Configuration for OpenShift master VMs.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterMasterPoolProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitorProfile": { - "description": "Configures Log Analytics integration.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Configuration for OpenShift networking.", - "oneOf": [ - { - "$ref": "#/definitions/NetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "openShiftVersion": { - "description": "Version of OpenShift specified when creating the cluster.", - "type": "string" - }, - "routerProfiles": { - "description": "Configuration for OpenShift router(s).", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftRouterProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "openShiftVersion" - ], - "type": "object" - }, - "OpenShiftRouterProfile": { - "description": "Represents an OpenShift router", - "properties": { - "name": { - "description": "Name of the router profile.", - "type": "string" - } - }, - "type": "object" - }, - "PurchasePlan": { - "description": "Used for establishing the purchase context of any 3rd Party artifact through MarketPlace.", - "properties": { - "name": { - "description": "The plan ID.", - "type": "string" - }, - "product": { - "description": "Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.", - "type": "string" - }, - "promotionCode": { - "description": "The promotion code.", - "type": "string" - }, - "publisher": { - "description": "The plan ID.", - "type": "string" - } - }, - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-10-01/Microsoft.ContainerService.Aks.json b/schemas/2019-10-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 3ed00a02f0..0000000000 --- a/schemas/2019-10-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1511 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-10-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-10-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "(PREVIEW) Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-10-27-preview/Microsoft.ContainerService.Aks.json b/schemas/2019-10-27-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index f683b3abda..0000000000 --- a/schemas/2019-10-27-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,530 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-10-27-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "openShiftManagedClusters": { - "description": "Microsoft.ContainerService/openShiftManagedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-10-27-preview" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the OpenShift managed cluster resource.", - "type": "string" - }, - "plan": { - "description": "Define the resource plan as required by ARM for billing purposes", - "oneOf": [ - { - "$ref": "#/definitions/PurchasePlan" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a OpenShift managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/openShiftManagedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "NetworkProfile": { - "description": "Represents the OpenShift networking configuration", - "properties": { - "managementSubnetCidr": { - "description": "CIDR of subnet used to create PLS needed for management of the cluster", - "type": "string" - }, - "vnetCidr": { - "description": "CIDR for the OpenShift Vnet.", - "type": "string" - }, - "vnetId": { - "description": "ID of the Vnet created for OSA cluster.", - "type": "string" - } - }, - "type": "object" - }, - "OpenShiftAPIProperties": { - "description": "Defines further properties on the API.", - "properties": { - "privateApiServer": { - "description": "Specifies if API server is public or private.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterAgentPoolProfile": { - "description": "Defines the configuration of the OpenShift cluster VMs.", - "properties": { - "count": { - "description": "Number of agents (VMs) to host docker containers.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the pool profile in the context of the subscription and resource group.", - "type": "string" - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "role": { - "description": "Define the role of the AgentPoolProfile.", - "oneOf": [ - { - "enum": [ - "compute", - "infra" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "subnetCidr": { - "description": "Subnet CIDR for the peering.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D64s_v3", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_F8s_v2", - "Standard_F16s_v2", - "Standard_F32s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8s", - "Standard_F16s", - "Standard_E4s_v3", - "Standard_E8s_v3", - "Standard_E16s_v3", - "Standard_E20s_v3", - "Standard_E32s_v3", - "Standard_E64s_v3", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_L4s", - "Standard_L8s", - "Standard_L16s", - "Standard_L32s" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "count", - "vmSize" - ], - "type": "object" - }, - "OpenShiftManagedClusterAuthProfile": { - "description": "Defines all possible authentication profiles for the OpenShift cluster.", - "properties": { - "identityProviders": { - "description": "Type of authentication profile to use.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftManagedClusterIdentityProvider" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterBaseIdentityProvider": { - "description": "Structure for any Identity provider.", - "oneOf": [ - { - "description": "Defines the Identity provider for MS AAD.", - "properties": { - "clientId": { - "description": "The clientId password associated with the provider.", - "type": "string" - }, - "customerAdminGroupId": { - "description": "The groupId to be granted cluster admin role.", - "type": "string" - }, - "kind": { - "enum": [ - "AADIdentityProvider" - ], - "type": "string" - }, - "secret": { - "description": "The secret password associated with the provider.", - "type": "string" - }, - "tenantId": { - "description": "The tenantId associated with the provider.", - "type": "string" - } - }, - "required": [ - "kind" - ], - "type": "object" - } - ], - "properties": {}, - "type": "object" - }, - "OpenShiftManagedClusterIdentityProvider": { - "description": "Defines the configuration of the identity providers to be used in the OpenShift cluster.", - "properties": { - "name": { - "description": "Name of the provider.", - "type": "string" - }, - "provider": { - "description": "Configuration of the provider.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterBaseIdentityProvider" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "OpenShiftManagedClusterMasterPoolProfile": { - "description": "OpenShiftManagedClusterMaterPoolProfile contains configuration for OpenShift master VMs.", - "properties": { - "apiProperties": { - "description": "Defines further properties on the API.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftAPIProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of masters (VMs) to host docker containers. The default value is 3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "subnetCidr": { - "description": "Subnet CIDR for the peering.", - "type": "string" - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D64s_v3", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_F8s_v2", - "Standard_F16s_v2", - "Standard_F32s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8s", - "Standard_F16s", - "Standard_E4s_v3", - "Standard_E8s_v3", - "Standard_E16s_v3", - "Standard_E20s_v3", - "Standard_E32s_v3", - "Standard_E64s_v3", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_L4s", - "Standard_L8s", - "Standard_L16s", - "Standard_L32s" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "count", - "vmSize" - ], - "type": "object" - }, - "OpenShiftManagedClusterMonitorProfile": { - "description": "Defines the configuration for Log Analytics integration.", - "properties": { - "enabled": { - "description": "If the Log analytics integration should be turned on or off", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workspaceResourceID": { - "description": "Azure Resource Manager Resource ID for the Log Analytics workspace to integrate with.", - "type": "string" - } - }, - "type": "object" - }, - "OpenShiftManagedClusterProperties": { - "description": "Properties of the OpenShift managed cluster.", - "properties": { - "agentPoolProfiles": { - "description": "Configuration of OpenShift cluster VMs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "authProfile": { - "description": "Configures OpenShift authentication.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterAuthProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "masterPoolProfile": { - "description": "Configuration for OpenShift master VMs.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterMasterPoolProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitorProfile": { - "description": "Configures Log Analytics integration.", - "oneOf": [ - { - "$ref": "#/definitions/OpenShiftManagedClusterMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Configuration for OpenShift networking.", - "oneOf": [ - { - "$ref": "#/definitions/NetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "openShiftVersion": { - "description": "Version of OpenShift specified when creating the cluster.", - "type": "string" - }, - "refreshCluster": { - "description": "Allows node rotation", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "routerProfiles": { - "description": "Configuration for OpenShift router(s).", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/OpenShiftRouterProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "openShiftVersion" - ], - "type": "object" - }, - "OpenShiftRouterProfile": { - "description": "Represents an OpenShift router", - "properties": { - "name": { - "description": "Name of the router profile.", - "type": "string" - } - }, - "type": "object" - }, - "PurchasePlan": { - "description": "Used for establishing the purchase context of any 3rd Party artifact through MarketPlace.", - "properties": { - "name": { - "description": "The plan ID.", - "type": "string" - }, - "product": { - "description": "Specifies the product of the image from the marketplace. This is the same value as Offer under the imageReference element.", - "type": "string" - }, - "promotionCode": { - "description": "The promotion code.", - "type": "string" - }, - "publisher": { - "description": "The plan ID.", - "type": "string" - } - }, - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2019-11-01/Microsoft.ContainerService.Aks.json b/schemas/2019-11-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 9789f60333..0000000000 --- a/schemas/2019-11-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1644 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-11-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2019-11-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterPropertiesIdentityProfileValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesIdentityProfileValue": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2019-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-01-01/Microsoft.ContainerService.Aks.json b/schemas/2020-01-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 50eafad2fa..0000000000 --- a/schemas/2020-01-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1648 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-01-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterPropertiesIdentityProfileValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesIdentityProfileValue": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-02-01/Microsoft.ContainerService.Aks.json b/schemas/2020-02-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 45ebcda927..0000000000 --- a/schemas/2020-02-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1728 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-02-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-02-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "required": [ - "clientAppID", - "serverAppID" - ], - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot or low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot or low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterPropertiesIdentityProfileValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "max-graceful-termination-sec": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterPropertiesIdentityProfileValue": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-03-01/Microsoft.ContainerService.Aks.json b/schemas/2020-03-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index f45f67339a..0000000000 --- a/schemas/2020-03-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1827 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-03-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-03-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot or low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot or low priority virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Low", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterPropertiesIdentityProfileValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterPropertiesIdentityProfileValue": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-04-01/Microsoft.ContainerService.Aks.json b/schemas/2020-04-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 4c7fb7a3e3..0000000000 --- a/schemas/2020-04-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,1865 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-04-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-04-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeImageVersion": { - "description": "Version of node image", - "type": "string" - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeImageVersion": { - "description": "Version of node image", - "type": "string" - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterPropertiesIdentityProfileValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterPropertiesIdentityProfileValue": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-06-01/Microsoft.ContainerService.Aks.json b/schemas/2020-06-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index f2c95b8a17..0000000000 --- a/schemas/2020-06-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,2053 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-06-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-06-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeImageVersion": { - "description": "Version of node image", - "type": "string" - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeImageVersion": { - "description": "Version of node image", - "type": "string" - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterPropertiesIdentityProfileValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterPropertiesIdentityProfileValue": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource Id for private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-07-01/Microsoft.ContainerService.Aks.json b/schemas/2020-07-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 8e9ee8467f..0000000000 --- a/schemas/2020-07-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,2060 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-07-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-07-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterPropertiesIdentityProfileValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterPropertiesIdentityProfileValue": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "licenseType": { - "description": "The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource Id for private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-09-01/Microsoft.ContainerService.Aks.json b/schemas/2020-09-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 9ac31b313f..0000000000 --- a/schemas/2020-09-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,2123 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-09-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-09-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. Defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. Defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterPropertiesIdentityProfileValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "expander": { - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "max-total-unready-percentage": { - "type": "string" - }, - "new-pod-scale-up-delay": { - "type": "string" - }, - "ok-total-unready-count": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - }, - "skip-nodes-with-local-storage": { - "type": "string" - }, - "skip-nodes-with-system-pods": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterPropertiesIdentityProfileValue": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "licenseType": { - "description": "The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource Id for private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-11-01/Microsoft.ContainerService.Aks.json b/schemas/2020-11-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 695d1518ba..0000000000 --- a/schemas/2020-11-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,2766 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-11-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-11-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default", - "type": "string" - } - }, - "type": "object" - }, - "Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties": { - "properties": {}, - "type": "object" - }, - "ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "KubeletConfig": { - "description": "Kubelet configurations of agent nodes.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowlist of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "Enable CPU CFS quota enforcement for containers that specify CPU limits.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "Sets CPU CFS quota period value.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "CPU Manager policy to use.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "The percent of disk usage after which image garbage collection is always run.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "The percent of disk usage before which image garbage collection is never run.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "Topology Manager policy to use.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "OS configurations of Linux agent nodes.", - "properties": { - "swapFileSizeMB": { - "description": "SwapFileSizeMB specifies size in MB of a swap file will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Transparent Huge Page defrag configuration.", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Transparent Huge Page enabled configuration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "Private dns zone mode for private cluster. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "KubeletConfig specifies the configuration of kubelet on agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "LinuxOSConfig specifies the OS configuration of linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. If unspecified, defaults to 'Ephemeral' when the VM supports ephemeral OS and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "Pod SubnetID specifies the VNet's subnet identifier for pods.", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier for nodes and maybe pods", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "KubeletConfig specifies the configuration of kubelet on agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "LinuxOSConfig specifies the OS configuration of linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. If unspecified, defaults to 'Ephemeral' when the VM supports ephemeral OS and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "Pod SubnetID specifies the VNet's subnet identifier for pods.", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier for nodes and maybe pods", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "upgrade channel for auto upgrade.", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "properties": { - "identity": { - "description": "Information of the user assigned identity.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "properties": { - "name": { - "description": "Name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "Pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "properties": { - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "User assigned pod identity settings.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "User assigned pod identity exception settings.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "Profile of auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "Profile of managed cluster pod identity.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "expander": { - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "max-total-unready-percentage": { - "type": "string" - }, - "new-pod-scale-up-delay": { - "type": "string" - }, - "ok-total-unready-count": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - }, - "skip-nodes-with-local-storage": { - "type": "string" - }, - "skip-nodes-with-system-pods": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "licenseType": { - "description": "The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource Id for private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpRmem": { - "description": "Sysctl setting net.ipv4.tcp_rmem.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpWmem": { - "description": "Sysctl setting net.ipv4.tcp_wmem.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2020-12-01/Microsoft.ContainerService.Aks.json b/schemas/2020-12-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 1ed664e4e0..0000000000 --- a/schemas/2020-12-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3027 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-12-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2020-12-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-12-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2020-12-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-12-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default", - "type": "string" - } - }, - "type": "object" - }, - "Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties": { - "properties": {}, - "type": "object" - }, - "ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "KubeletConfig": { - "description": "Kubelet configurations of agent nodes.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowlist of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "Enable CPU CFS quota enforcement for containers that specify CPU limits.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "Sets CPU CFS quota period value.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "CPU Manager policy to use.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "The percent of disk usage after which image garbage collection is always run.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "The percent of disk usage before which image garbage collection is never run.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "Topology Manager policy to use.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "OS configurations of Linux agent nodes.", - "properties": { - "swapFileSizeMB": { - "description": "SwapFileSizeMB specifies size in MB of a swap file will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Transparent Huge Page defrag configuration.", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Transparent Huge Page enabled configuration.", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Default maintenance configuration properties.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "Weekday time slots allowed to upgrade.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "Private dns zone mode for private cluster. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "Whether to enable EncryptionAtHost", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "KubeletConfig specifies the configuration of kubelet on agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "KubeletDiskType determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. Currently allows one value, OS, resulting in Kubelet using the OS disk for data.", - "oneOf": [ - { - "enum": [ - "OS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "LinuxOSConfig specifies the OS configuration of linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. If unspecified, defaults to 'Ephemeral' when the VM supports ephemeral OS and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "Pod SubnetID specifies the VNet's subnet identifier for pods.", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier for nodes and maybe pods", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "Whether to enable EncryptionAtHost", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "KubeletConfig specifies the configuration of kubelet on agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "KubeletDiskType determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. Currently allows one value, OS, resulting in Kubelet using the OS disk for data.", - "oneOf": [ - { - "enum": [ - "OS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "LinuxOSConfig specifies the OS configuration of linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. If unspecified, defaults to 'Ephemeral' when the VM supports ephemeral OS and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "Pod SubnetID specifies the VNet's subnet identifier for pods.", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier for nodes and maybe pods", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "upgrade channel for auto upgrade.", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "properties": { - "identity": { - "description": "Information of the user assigned identity.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "properties": { - "name": { - "description": "Name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "Pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "properties": { - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "User assigned pod identity settings.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "User assigned pod identity exception settings.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "Profile of auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "Profile of managed cluster pod identity.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "expander": { - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "max-node-provision-time": { - "type": "string" - }, - "max-total-unready-percentage": { - "type": "string" - }, - "new-pod-scale-up-delay": { - "type": "string" - }, - "ok-total-unready-count": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - }, - "skip-nodes-with-local-storage": { - "type": "string" - }, - "skip-nodes-with-system-pods": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "licenseType": { - "description": "The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource Id for private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "A day in a week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "hour slots in a day.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "The time span with start and end properties.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2020-12-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2020-12-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2020-12-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2021-02-01/Microsoft.ContainerService.Aks.json b/schemas/2021-02-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 76eede547b..0000000000 --- a/schemas/2021-02-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3052 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-02-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2021-02-01" - ], - "type": "string" - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default", - "type": "string" - } - }, - "type": "object" - }, - "Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties": { - "properties": {}, - "type": "object" - }, - "ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "KubeletConfig": { - "description": "Kubelet configurations of agent nodes.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowlist of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "Enable CPU CFS quota enforcement for containers that specify CPU limits.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "Sets CPU CFS quota period value.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "CPU Manager policy to use.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "The percent of disk usage after which image garbage collection is always run.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "The percent of disk usage before which image garbage collection is never run.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "Topology Manager policy to use.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "OS configurations of Linux agent nodes.", - "properties": { - "swapFileSizeMB": { - "description": "SwapFileSizeMB specifies size in MB of a swap file will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Transparent Huge Page defrag configuration.", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Transparent Huge Page enabled configuration.", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Default maintenance configuration properties.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "Weekday time slots allowed to upgrade.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "Private dns zone mode for private cluster. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "Whether to enable EncryptionAtHost", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "KubeletConfig specifies the configuration of kubelet on agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "KubeletDiskType determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. Currently allows one value, OS, resulting in Kubelet using the OS disk for data.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "LinuxOSConfig specifies the OS configuration of linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "Public IP Prefix ID. VM nodes use IPs assigned from this Public IP Prefix.", - "type": "string" - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. If unspecified, defaults to 'Ephemeral' when the VM supports ephemeral OS and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "Pod SubnetID specifies the VNet's subnet identifier for pods.", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier for nodes and maybe pods", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "Whether to enable EncryptionAtHost", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "KubeletConfig specifies the configuration of kubelet on agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "KubeletDiskType determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. Currently allows one value, OS, resulting in Kubelet using the OS disk for data.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "LinuxOSConfig specifies the OS configuration of linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "Public IP Prefix ID. VM nodes use IPs assigned from this Public IP Prefix.", - "type": "string" - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 1023, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. If unspecified, defaults to 'Ephemeral' when the VM supports ephemeral OS and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "Pod SubnetID specifies the VNet's subnet identifier for pods.", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "oneOf": [ - { - "enum": [ - "Standard_A1", - "Standard_A10", - "Standard_A11", - "Standard_A1_v2", - "Standard_A2", - "Standard_A2_v2", - "Standard_A2m_v2", - "Standard_A3", - "Standard_A4", - "Standard_A4_v2", - "Standard_A4m_v2", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_A8", - "Standard_A8_v2", - "Standard_A8m_v2", - "Standard_A9", - "Standard_B2ms", - "Standard_B2s", - "Standard_B4ms", - "Standard_B8ms", - "Standard_D1", - "Standard_D11", - "Standard_D11_v2", - "Standard_D11_v2_Promo", - "Standard_D12", - "Standard_D12_v2", - "Standard_D12_v2_Promo", - "Standard_D13", - "Standard_D13_v2", - "Standard_D13_v2_Promo", - "Standard_D14", - "Standard_D14_v2", - "Standard_D14_v2_Promo", - "Standard_D15_v2", - "Standard_D16_v3", - "Standard_D16s_v3", - "Standard_D1_v2", - "Standard_D2", - "Standard_D2_v2", - "Standard_D2_v2_Promo", - "Standard_D2_v3", - "Standard_D2s_v3", - "Standard_D3", - "Standard_D32_v3", - "Standard_D32s_v3", - "Standard_D3_v2", - "Standard_D3_v2_Promo", - "Standard_D4", - "Standard_D4_v2", - "Standard_D4_v2_Promo", - "Standard_D4_v3", - "Standard_D4s_v3", - "Standard_D5_v2", - "Standard_D5_v2_Promo", - "Standard_D64_v3", - "Standard_D64s_v3", - "Standard_D8_v3", - "Standard_D8s_v3", - "Standard_DS1", - "Standard_DS11", - "Standard_DS11_v2", - "Standard_DS11_v2_Promo", - "Standard_DS12", - "Standard_DS12_v2", - "Standard_DS12_v2_Promo", - "Standard_DS13", - "Standard_DS13-2_v2", - "Standard_DS13-4_v2", - "Standard_DS13_v2", - "Standard_DS13_v2_Promo", - "Standard_DS14", - "Standard_DS14-4_v2", - "Standard_DS14-8_v2", - "Standard_DS14_v2", - "Standard_DS14_v2_Promo", - "Standard_DS15_v2", - "Standard_DS1_v2", - "Standard_DS2", - "Standard_DS2_v2", - "Standard_DS2_v2_Promo", - "Standard_DS3", - "Standard_DS3_v2", - "Standard_DS3_v2_Promo", - "Standard_DS4", - "Standard_DS4_v2", - "Standard_DS4_v2_Promo", - "Standard_DS5_v2", - "Standard_DS5_v2_Promo", - "Standard_E16_v3", - "Standard_E16s_v3", - "Standard_E2_v3", - "Standard_E2s_v3", - "Standard_E32-16s_v3", - "Standard_E32-8s_v3", - "Standard_E32_v3", - "Standard_E32s_v3", - "Standard_E4_v3", - "Standard_E4s_v3", - "Standard_E64-16s_v3", - "Standard_E64-32s_v3", - "Standard_E64_v3", - "Standard_E64s_v3", - "Standard_E8_v3", - "Standard_E8s_v3", - "Standard_F1", - "Standard_F16", - "Standard_F16s", - "Standard_F16s_v2", - "Standard_F1s", - "Standard_F2", - "Standard_F2s", - "Standard_F2s_v2", - "Standard_F32s_v2", - "Standard_F4", - "Standard_F4s", - "Standard_F4s_v2", - "Standard_F64s_v2", - "Standard_F72s_v2", - "Standard_F8", - "Standard_F8s", - "Standard_F8s_v2", - "Standard_G1", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS1", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS4-4", - "Standard_GS4-8", - "Standard_GS5", - "Standard_GS5-16", - "Standard_GS5-8", - "Standard_H16", - "Standard_H16m", - "Standard_H16mr", - "Standard_H16r", - "Standard_H8", - "Standard_H8m", - "Standard_L16s", - "Standard_L32s", - "Standard_L4s", - "Standard_L8s", - "Standard_M128-32ms", - "Standard_M128-64ms", - "Standard_M128ms", - "Standard_M128s", - "Standard_M64-16ms", - "Standard_M64-32ms", - "Standard_M64ms", - "Standard_M64s", - "Standard_NC12", - "Standard_NC12s_v2", - "Standard_NC12s_v3", - "Standard_NC24", - "Standard_NC24r", - "Standard_NC24rs_v2", - "Standard_NC24rs_v3", - "Standard_NC24s_v2", - "Standard_NC24s_v3", - "Standard_NC6", - "Standard_NC6s_v2", - "Standard_NC6s_v3", - "Standard_ND12s", - "Standard_ND24rs", - "Standard_ND24s", - "Standard_ND6s", - "Standard_NV12", - "Standard_NV24", - "Standard_NV6" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier for nodes and maybe pods", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "upgrade channel for auto upgrade.", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "properties": { - "identity": { - "description": "Information of the user assigned identity.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "properties": { - "name": { - "description": "Name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "Pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "properties": { - "allowNetworkPluginKubenet": { - "description": "Customer consent for enabling AAD pod identity addon in cluster using Kubenet network plugin.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "User assigned pod identity settings.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "User assigned pod identity exception settings.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "Profile of auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "FQDN subdomain specified when creating private cluster with custom private dns zone.", - "type": "string" - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "Profile of managed cluster pod identity.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "expander": { - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "max-node-provision-time": { - "type": "string" - }, - "max-total-unready-percentage": { - "type": "string" - }, - "new-pod-scale-up-delay": { - "type": "string" - }, - "ok-total-unready-count": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - }, - "skip-nodes-with-local-storage": { - "type": "string" - }, - "skip-nodes-with-system-pods": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "licenseType": { - "description": "The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource Id for private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "A day in a week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "hour slots in a day.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "The time span with start and end properties.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2021-03-01/Microsoft.ContainerService.Aks.json b/schemas/2021-03-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index d199a8db30..0000000000 --- a/schemas/2021-03-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,2929 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-03-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2021-03-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "Count or percentage of additional nodes to be added during upgrade. If empty uses AKS default", - "type": "string" - } - }, - "type": "object" - }, - "Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties": { - "properties": {}, - "type": "object" - }, - "ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The load balancer sku for the managed cluster.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "Network mode used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "The outbound (egress) routing method.", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. Only expect one key specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "Kubelet configurations of agent nodes.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowlist of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "Enable CPU CFS quota enforcement for containers that specify CPU limits.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "Sets CPU CFS quota period value.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "CPU Manager policy to use.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "The percent of disk usage after which image garbage collection is always run.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "The percent of disk usage before which image garbage collection is never run.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "Topology Manager policy to use.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "OS configurations of Linux agent nodes.", - "properties": { - "swapFileSizeMB": { - "description": "SwapFileSizeMB specifies size in MB of a swap file will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Transparent Huge Page defrag configuration.", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Transparent Huge Page enabled configuration.", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Default maintenance configuration properties.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "Weekday time slots allowed to upgrade.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "AADProfile specifies attributes for Azure Active Directory integration.", - "properties": { - "adminGroupObjectIDs": { - "description": "AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "Authorized IP Ranges to kubernetes API server.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "Whether to create the cluster as a private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "Private dns zone mode for private cluster. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "Whether to enable EncryptionAtHost", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "Whether to use FIPS enabled OS", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. Supported values are MIG1g, MIG2g, MIG3g, MIG4g and MIG7g.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "KubeletConfig specifies the configuration of kubelet on agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "KubeletDiskType determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. Currently allows one value, OS, resulting in Kubelet using the OS disk for data.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "LinuxOSConfig specifies the OS configuration of linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Unique name of the agent pool profile in the context of the subscription and resource group.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "Public IP Prefix ID. VM nodes use IPs assigned from this Public IP Prefix.", - "type": "string" - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. If unspecified, defaults to 'Ephemeral' when the VM supports ephemeral OS and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "OsSKU to be used to specify os sku. Choose from Ubuntu(default) and CBLMariner for Linux OSType. Not applicable to Windows OSType.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "Pod SubnetID specifies the VNet's subnet identifier for pods.", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "type": "string" - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier for nodes and maybe pods", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "Availability zones for nodes. Must use VirtualMachineScaleSets AgentPoolType.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 100 (inclusive) for user pools and in the range of 1 to 100 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "Whether to enable EncryptionAtHost", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "Whether to use FIPS enabled OS", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Enable public IP for nodes", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU. Supported values are MIG1g, MIG2g, MIG3g, MIG4g and MIG7g.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "KubeletConfig specifies the configuration of kubelet on agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "KubeletDiskType determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage. Currently allows one value, OS, resulting in Kubelet using the OS disk for data.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "LinuxOSConfig specifies the OS configuration of linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "Maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "Maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "Minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "AgentPoolMode represents mode of an agent pool", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "Agent pool node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "Public IP Prefix ID. VM nodes use IPs assigned from this Public IP Prefix.", - "type": "string" - }, - "nodeTaints": { - "description": "Taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Version of orchestrator specified when creating the managed cluster.", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in this master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "OS disk type to be used for machines in a given agent pool. Allowed values are 'Ephemeral' and 'Managed'. If unspecified, defaults to 'Ephemeral' when the VM supports ephemeral OS and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation.", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "OsSKU to be used to specify os sku. Choose from Ubuntu(default) and CBLMariner for Linux OSType. Not applicable to Windows OSType.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "OsType to be used to specify os type. Choose from Linux and Windows. Default to Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "Pod SubnetID specifies the VNet's subnet identifier for pods.", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "ScaleSetEvictionPolicy to be used to specify eviction policy for Spot virtual machine scale set. Default to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "ScaleSetPriority to be used to specify virtual machine scale set priority. Default to regular.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "SpotMaxPrice to be used to specify the maximum price you are willing to pay in US Dollars. Possible values are any decimal value greater than zero or -1 which indicates default price to be up-to on-demand.", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Agent pool tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "AgentPoolType represents types of an agent pool", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "Size of agent VMs.", - "type": "string" - }, - "vnetSubnetID": { - "description": "VNet SubnetID specifies the VNet's subnet identifier for nodes and maybe pods", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "upgrade channel for auto upgrade.", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "properties": { - "httpProxy": { - "description": "HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "Endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "The type of identity used for the managed cluster. Type 'SystemAssigned' will use an implicitly created identity in master components and an auto-created user assigned identity in MC_ resource group in agent nodes. Type 'None' will not use MSI for the managed cluster, service principal will be used instead.", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The user identity associated with the managed cluster. This identity will be used in control plane and only one user assigned identity is allowed. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "Desired number of allocated SNAT ports per VM. Allowed values must be in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values must be in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "Desired number of outbound IP created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "properties": { - "bindingSelector": { - "description": "Binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "Information of the user assigned identity.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "properties": { - "name": { - "description": "Name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "Namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "Pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "properties": { - "allowNetworkPluginKubenet": { - "description": "Customer consent for enabling AAD pod identity addon in cluster using Kubenet network plugin.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "User assigned pod identity settings.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "User assigned pod identity exception settings.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "Profile of Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "Profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "Properties of the agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "Profile of auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credential will be disabled for this cluster. Expected to only be used for AAD clusters.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "ResourceId of the disk encryption set to use for enabling encryption at rest.", - "type": "string" - }, - "dnsPrefix": { - "description": "DNS prefix specified when creating the managed cluster.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "FQDN subdomain specified when creating private cluster with custom private dns zone.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Version of Kubernetes specified when creating the managed cluster.", - "type": "string" - }, - "linuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Profile of network configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "Name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "Profile of managed cluster pod identity.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "type": "string" - }, - "expander": { - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "type": "string" - }, - "max-graceful-termination-sec": { - "type": "string" - }, - "max-node-provision-time": { - "type": "string" - }, - "max-total-unready-percentage": { - "type": "string" - }, - "new-pod-scale-up-delay": { - "type": "string" - }, - "ok-total-unready-count": { - "type": "string" - }, - "scale-down-delay-after-add": { - "type": "string" - }, - "scale-down-delay-after-delete": { - "type": "string" - }, - "scale-down-delay-after-failure": { - "type": "string" - }, - "scale-down-unneeded-time": { - "type": "string" - }, - "scale-down-unready-time": { - "type": "string" - }, - "scale-down-utilization-threshold": { - "type": "string" - }, - "scan-interval": { - "type": "string" - }, - "skip-nodes-with-local-storage": { - "type": "string" - }, - "skip-nodes-with-system-pods": { - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "properties": { - "name": { - "description": "Name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "Tier of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the container service cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "Whether to enable CSI proxy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The licenseType to use for Windows VMs. Windows_Server is used to enable Azure Hybrid User Benefits for Windows VMs.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource Id for private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "A day in a week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "hour slots in a day.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "The time span with start and end properties.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "properties": { - "clientId": { - "description": "The client id of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object id of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource id of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2021-05-01/Microsoft.ContainerService.Aks.json b/schemas/2021-05-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 2358fc4ed1..0000000000 --- a/schemas/2021-05-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,2984 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-05-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2021-05-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties": { - "properties": {}, - "type": "object" - }, - "ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties": { - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/Components1Umhcm8SchemasManagedclusteridentityPropertiesUserassignedidentitiesAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ComponentsQit0EtSchemasManagedclusterpropertiesPropertiesIdentityprofileAdditionalproperties" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2021-07-01/Microsoft.ContainerService.Aks.json b/schemas/2021-07-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 52656c6c48..0000000000 --- a/schemas/2021-07-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3122 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-07-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2021-07-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, this field should not be exists.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2021-08-01/Microsoft.ContainerService.Aks.json b/schemas/2021-08-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 58383207f5..0000000000 --- a/schemas/2021-08-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3320 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-08-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2021-08-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2021-08-01" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Desired Number of agents (VMs) specified to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Desired Number of agents (VMs) specified to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Default value is 'Enabled' (case insensitive). Could be set to 'Disabled' to enable private cluster", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, this field should not be exists.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2021-09-01/Microsoft.ContainerService.Aks.json b/schemas/2021-09-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index c8ad3ba32a..0000000000 --- a/schemas/2021-09-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3399 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2021-09-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2021-09-01" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Default value is 'Enabled' (case insensitive). Could be set to 'Disabled' to enable private cluster", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, this field should not be exists.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2021-10-01/Microsoft.ContainerService.Aks.json b/schemas/2021-10-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 19c1f90d57..0000000000 --- a/schemas/2021-10-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3458 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-10-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2021-10-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2021-10-01" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, this field should not be exists.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json b/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index b50411ccee..0000000000 --- a/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3513 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2021-11-01-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-11-01-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-11-01-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-11-01-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2021-11-01-preview" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2021-11-01-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2021-11-01-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2021-11-01-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-01-01/Microsoft.ContainerService.Aks.json b/schemas/2022-01-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 6944f591c7..0000000000 --- a/schemas/2022-01-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3458 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-01-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-01" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index d8e173c402..0000000000 --- a/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3522 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-02-preview" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-02-01/Microsoft.ContainerService.Aks.json b/schemas/2022-02-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 38e78d2ec0..0000000000 --- a/schemas/2022-02-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3458 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-02-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-01" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index d4e3f592f4..0000000000 --- a/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3655 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "location": { - "description": "Resource location", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-03-01/Microsoft.ContainerService.Aks.json b/schemas/2022-03-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index ea045768a1..0000000000 --- a/schemas/2022-03-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3458 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-03-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 64ae5904d2..0000000000 --- a/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3751 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "currentOrchestratorVersion": { - "description": "If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.", - "type": "string" - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "currentOrchestratorVersion": { - "description": "If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.", - "type": "string" - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-04-01/Microsoft.ContainerService.Aks.json b/schemas/2022-04-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 2ff3bd3ca1..0000000000 --- a/schemas/2022-04-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3559 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-04-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index b61139eb0b..0000000000 --- a/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4024 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "currentOrchestratorVersion": { - "description": "If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.", - "type": "string" - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "currentOrchestratorVersion": { - "description": "If orchestratorVersion was a fully specified version , this field will be exactly equal to it. If orchestratorVersion was , this field will contain the full version being used.", - "type": "string" - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureDefender": { - "description": "Azure Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileAzureDefender": { - "description": "Azure Defender settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Defender", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender. When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 342b0a78e4..0000000000 --- a/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4128 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-06-01/Microsoft.ContainerService.Aks.json b/schemas/2022-06-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index aec998ddbf..0000000000 --- a/schemas/2022-06-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3636 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-06-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies an OS SKU. This value must not be specified if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 92321ae1d0..0000000000 --- a/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4369 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "fleets": { - "description": "Microsoft.ContainerService/fleets", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the Fleet resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet.", - "oneOf": [ - { - "$ref": "#/definitions/FleetProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/fleets_members_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/fleets" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "fleets_members": { - "description": "Microsoft.ContainerService/fleets/members", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the Fleet member resource.", - "oneOf": [ - { - "maxLength": 50, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet member.", - "oneOf": [ - { - "$ref": "#/definitions/FleetMemberProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/fleets/members" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "FleetHubProfile": { - "description": "The FleetHubProfile configures the fleet hub.", - "properties": { - "dnsPrefix": { - "description": "DNS prefix used to create the FQDN for the Fleet hub.", - "type": "string" - } - }, - "type": "object" - }, - "FleetMemberProperties": { - "description": "Properties of a Fleet member.", - "properties": { - "clusterResourceId": { - "description": "The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'.", - "type": "string" - } - }, - "type": "object" - }, - "FleetProperties": { - "description": "Properties of a Fleet.", - "properties": { - "hubProfile": { - "description": "The FleetHubProfile configures the Fleet's hub.", - "oneOf": [ - { - "$ref": "#/definitions/FleetHubProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "fleets_members_childResource": { - "description": "Microsoft.ContainerService/fleets/members", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the Fleet member resource.", - "oneOf": [ - { - "maxLength": 50, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet member.", - "oneOf": [ - { - "$ref": "#/definitions/FleetMemberProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "members" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-07-01/Microsoft.ContainerService.Aks.json b/schemas/2022-07-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 2f21710de2..0000000000 --- a/schemas/2022-07-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3640 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-07-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index a0ddf54723..0000000000 --- a/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4545 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "fleets": { - "description": "Microsoft.ContainerService/fleets", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the Fleet resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet.", - "oneOf": [ - { - "$ref": "#/definitions/FleetProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/fleets_members_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/fleets" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "fleets_members": { - "description": "Microsoft.ContainerService/fleets/members", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the Fleet member resource.", - "oneOf": [ - { - "maxLength": 50, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet member.", - "oneOf": [ - { - "$ref": "#/definitions/FleetMemberProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/fleets/members" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "FleetHubProfile": { - "description": "The FleetHubProfile configures the fleet hub.", - "properties": { - "dnsPrefix": { - "description": "DNS prefix used to create the FQDN for the Fleet hub.", - "type": "string" - } - }, - "type": "object" - }, - "FleetMemberProperties": { - "description": "Properties of a Fleet member.", - "properties": { - "clusterResourceId": { - "description": "The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'.", - "type": "string" - } - }, - "type": "object" - }, - "FleetProperties": { - "description": "Properties of a Fleet.", - "properties": { - "hubProfile": { - "description": "The FleetHubProfile configures the Fleet's hub.", - "oneOf": [ - { - "$ref": "#/definitions/FleetHubProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "ImageCleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable ImageCleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "ImageCleaner scanning interval.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "fleets_members_childResource": { - "description": "Microsoft.ContainerService/fleets/members", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the Fleet member resource.", - "oneOf": [ - { - "maxLength": 50, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet member.", - "oneOf": [ - { - "$ref": "#/definitions/FleetMemberProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "members" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 2e863b5b9c..0000000000 --- a/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4551 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "ImageCleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable ImageCleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "ImageCleaner scanning interval.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 459d1498ae..0000000000 --- a/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4607 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS deploys a daemonset and host services to sync custom certificate authorities from a user-provided config map into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "ImageCleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable ImageCleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "ImageCleaner scanning interval.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-08-03-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-09-01/Microsoft.ContainerService.Aks.json b/schemas/2022-09-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index e2d751f9eb..0000000000 --- a/schemas/2022-09-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3696 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-09-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index b6de782cc5..0000000000 --- a/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4931 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "fleets": { - "description": "Microsoft.ContainerService/fleets", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the Fleet resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet.", - "oneOf": [ - { - "$ref": "#/definitions/FleetProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/fleets_members_childResource" - } - ] - }, - "type": "array" - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/fleets" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "fleets_members": { - "description": "Microsoft.ContainerService/fleets/members", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the Fleet member resource.", - "oneOf": [ - { - "maxLength": 50, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet member.", - "oneOf": [ - { - "$ref": "#/definitions/FleetMemberProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/fleets/members" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ebpfDataplane": { - "description": "The eBPF dataplane used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "FleetHubProfile": { - "description": "The FleetHubProfile configures the fleet hub.", - "properties": { - "dnsPrefix": { - "description": "DNS prefix used to create the FQDN for the Fleet hub.", - "oneOf": [ - { - "maxLength": 54, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][a-zA-Z0-9-]{0,52}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "FleetMemberProperties": { - "description": "Properties of a Fleet member.", - "properties": { - "clusterResourceId": { - "description": "The ARM resource id of the cluster that joins the Fleet. Must be a valid Azure resource id. e.g.: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{clusterName}'.", - "type": "string" - } - }, - "type": "object" - }, - "FleetProperties": { - "description": "Properties of a Fleet.", - "properties": { - "hubProfile": { - "description": "The FleetHubProfile configures the Fleet's hub.", - "oneOf": [ - { - "$ref": "#/definitions/FleetHubProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "ImageCleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable ImageCleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "ImageCleaner scanning interval.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "fleets_members_childResource": { - "description": "Microsoft.ContainerService/fleets/members", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the Fleet member resource.", - "oneOf": [ - { - "maxLength": 50, - "minLength": 1, - "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a Fleet member.", - "oneOf": [ - { - "$ref": "#/definitions/FleetMemberProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "members" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "maxLength": 36, - "minLength": 1, - "type": "string" - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 71691414fd..0000000000 --- a/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5060 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ebpfDataplane": { - "description": "The eBPF dataplane used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATING) Whether to enable Kubernetes pod security policy (preview). This feature is set for removal on October 15th, 2020. Learn more at aka.ms/aks/azpodpolicy.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "ImageCleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable ImageCleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "ImageCleaner scanning interval.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the container service cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-11-01/Microsoft.ContainerService.Aks.json b/schemas/2022-11-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 21739db6e3..0000000000 --- a/schemas/2022-11-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3744 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-11-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 8efe7e2102..0000000000 --- a/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5094 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ebpfDataplane": { - "description": "The eBPF dataplane used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "The client AAD application ID.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "The server AAD application ID.", - "type": "string" - }, - "serverAppSecret": { - "description": "The server AAD application secret.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [uptime SLA](https://docs.microsoft.com/azure/aks/uptime-sla) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "ImageCleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable ImageCleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "ImageCleaner scanning interval.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2022-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-01-01/Microsoft.ContainerService.Aks.json b/schemas/2023-01-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 34e1b03db5..0000000000 --- a/schemas/2023-01-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3819 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-01-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic", - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 36cbd0bb17..0000000000 --- a/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5152 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ebpfDataplane": { - "description": "The eBPF dataplane used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Basic", - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Paid", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "ImageCleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "[Workload Identity](https://azure.github.io/azure-workload-identity/docs/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "ImageCleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable ImageCleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "ImageCleaner scanning interval.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload Identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Workload Identity", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-02-01/Microsoft.ContainerService.Aks.json b/schemas/2023-02-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index ffb3aa3609..0000000000 --- a/schemas/2023-02-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3914 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-02-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index f9213771fa..0000000000 --- a/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5271 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "Overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-03-01/Microsoft.ContainerService.Aks.json b/schemas/2023-03-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 36ce5f4425..0000000000 --- a/schemas/2023-03-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3930 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-03-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 66ec50be9c..0000000000 --- a/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5287 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "dockerBridgeCidr": { - "description": "A CIDR notation IP range assigned to the Docker bridge network. It must not overlap with any Subnet IP ranges or the Kubernetes service address range.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "CBLMariner", - "Mariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-03-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-04-01/Microsoft.ContainerService.Aks.json b/schemas/2023-04-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index e11ab0367a..0000000000 --- a/schemas/2023-04-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,3920 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-04-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 6620627889..0000000000 --- a/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5277 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-04-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-05-01/Microsoft.ContainerService.Aks.json b/schemas/2023-05-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 62829f88a0..0000000000 --- a/schemas/2023-05-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4239 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-05-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 669aa50d44..0000000000 --- a/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5305 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-05-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-06-01/Microsoft.ContainerService.Aks.json b/schemas/2023-06-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index f49d073432..0000000000 --- a/schemas/2023-06-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4344 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-06-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "Manner in which the OS on your nodes is updated. The default is NodeImage.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index ee9cdd9a5a..0000000000 --- a/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5557 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolSecurityProfile": { - "description": "The security settings of an agent pool.", - "properties": { - "sshAccess": { - "description": "SSH access method of an agent pool.", - "oneOf": [ - { - "enum": [ - "LocalUser", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "version", - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceId": { - "description": "Resource ID of the DNS Zone to be associated with the web app. Used only when Web App Routing is enabled.", - "type": "string" - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageIntegrity": { - "description": "Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageIntegrity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageIntegrity": { - "description": "Image integrity related settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable image integrity. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "controlledValues": { - "description": "Controls which resource value autoscaler will change. Default value is RequestsAndLimits.", - "oneOf": [ - { - "enum": [ - "RequestsAndLimits", - "RequestsOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "updateMode": { - "description": "Each update mode level is a superset of the lower levels. Off
Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-06-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-07-01/Microsoft.ContainerService.Aks.json b/schemas/2023-07-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 18562f86a5..0000000000 --- a/schemas/2023-07-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4400 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-07-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "Manner in which the OS on your nodes is updated. The default is NodeImage.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index aeea62fed0..0000000000 --- a/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5724 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolSecurityProfile": { - "description": "The security settings of an agent pool.", - "properties": { - "sshAccess": { - "description": "SSH access method of an agent pool.", - "oneOf": [ - { - "enum": [ - "LocalUser", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "logs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileContainerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.", - "type": "string" - }, - "windowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileWindowsHostLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileLogs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "appMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileContainerInsights" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "appMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAzureMonitorProfileWindowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterCostAnalysis": { - "description": "The cost analysis configuration for the cluster", - "properties": { - "enabled": { - "description": "The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the public DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. All public DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterMetricsProfile": { - "description": "The metrics profile for the ManagedCluster.", - "properties": { - "costAnalysis": { - "description": "The cost analysis configuration for the cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterCostAnalysis" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metricsProfile": { - "description": "Optional cluster metrics configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterMetricsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageIntegrity": { - "description": "Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageIntegrity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageIntegrity": { - "description": "Image integrity related settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable image integrity. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "NetworkMonitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "properties": { - "enabled": { - "description": "Enable or disable the network monitoring plugin on the cluster", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which instance of the allowed days specified in daysOfWeek the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-07-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-08-01/Microsoft.ContainerService.Aks.json b/schemas/2023-08-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 07de4a358c..0000000000 --- a/schemas/2023-08-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4636 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-08-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "Manner in which the OS on your nodes is updated. The default is NodeImage.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "type": "string" - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index ca6b59262a..0000000000 --- a/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5793 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolSecurityProfile": { - "description": "The security settings of an agent pool.", - "properties": { - "sshAccess": { - "description": "SSH access method of an agent pool.", - "oneOf": [ - { - "enum": [ - "LocalUser", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "none", - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "logs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileContainerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.", - "type": "string" - }, - "windowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileWindowsHostLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileLogs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "appMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileContainerInsights" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "appMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAzureMonitorProfileWindowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterCostAnalysis": { - "description": "The cost analysis configuration for the cluster", - "properties": { - "enabled": { - "description": "The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the public DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. All public DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterMetricsProfile": { - "description": "The metrics profile for the ManagedCluster.", - "properties": { - "costAnalysis": { - "description": "The cost analysis configuration for the cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterCostAnalysis" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metricsProfile": { - "description": "Optional cluster metrics configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterMetricsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "daemonset-eviction-for-empty-nodes": { - "description": "If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daemonset-eviction-for-occupied-nodes": { - "description": "If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "expander": { - "description": "Available values are: 'least-waste', 'most-pods', 'priority', 'random'.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "expanders": { - "description": "Available values are: 'least-waste', 'most-pods', 'priority', 'random'. If multiple expanders are configured, they will be considered in the order in which they are listed, with the first one being considered first.", - "oneOf": [ - { - "items": { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ignore-daemonsets-utilization": { - "description": "If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageIntegrity": { - "description": "Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageIntegrity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageIntegrity": { - "description": "Image integrity related settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable image integrity. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "addonAutoscaling": { - "description": "Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA add-on in cluster. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "NetworkMonitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "properties": { - "enabled": { - "description": "Enable or disable the network monitoring plugin on the cluster", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which instance of the allowed days specified in daysOfWeek the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-08-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-09-01/Microsoft.ContainerService.Aks.json b/schemas/2023-09-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 015eea90fa..0000000000 --- a/schemas/2023-09-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4785 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-09-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "Manner in which the OS on your nodes is updated. The default is NodeImage.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index becca0bfa3..0000000000 --- a/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5945 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolArtifactStreamingProfile": { - "properties": { - "enabled": { - "description": "Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolGPUProfile": { - "properties": { - "installGPUDriver": { - "description": "The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolSecurityProfile": { - "description": "The security settings of an agent pool.", - "properties": { - "sshAccess": { - "description": "SSH access method of an agent pool.", - "oneOf": [ - { - "enum": [ - "LocalUser", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - }, - "nodeSoakDurationInMinutes": { - "description": "The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.", - "oneOf": [ - { - "maximum": 30, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "none", - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAIToolchainOperatorProfile": { - "description": "When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.", - "properties": { - "enabled": { - "description": "Indicates if AI toolchain operator enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "logs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileContainerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.", - "type": "string" - }, - "windowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileWindowsHostLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileLogs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "appMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileContainerInsights" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "appMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAzureMonitorProfileWindowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterCostAnalysis": { - "description": "The cost analysis configuration for the cluster", - "properties": { - "enabled": { - "description": "The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the public DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. All public DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterMetricsProfile": { - "description": "The metrics profile for the ManagedCluster.", - "properties": { - "costAnalysis": { - "description": "The cost analysis configuration for the cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterCostAnalysis" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeProvisioningProfile": { - "properties": { - "mode": { - "description": "Once the mode it set to Auto, it cannot be changed back to Manual.", - "oneOf": [ - { - "enum": [ - "Manual", - "Auto" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "aiToolchainOperatorProfile": { - "description": "AI toolchain operator settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAIToolchainOperatorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metricsProfile": { - "description": "Optional cluster metrics configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterMetricsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeProvisioningProfile": { - "description": "Node provisioning settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeProvisioningProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "daemonset-eviction-for-empty-nodes": { - "description": "If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daemonset-eviction-for-occupied-nodes": { - "description": "If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "expander": { - "description": "Available values are: 'least-waste', 'most-pods', 'priority', 'random'.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "expanders": { - "description": "Available values are: 'least-waste', 'most-pods', 'priority', 'random'. If multiple expanders are configured, they will be considered in the order in which they are listed, with the first one being considered first.", - "oneOf": [ - { - "items": { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ignore-daemonsets-utilization": { - "description": "If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageIntegrity": { - "description": "Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageIntegrity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageIntegrity": { - "description": "Image integrity related settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable image integrity. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "addonAutoscaling": { - "description": "Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA add-on in cluster. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "NetworkMonitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "properties": { - "enabled": { - "description": "Enable or disable the network monitoring plugin on the cluster", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which instance of the allowed days specified in daysOfWeek the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-09-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-10-01/Microsoft.ContainerService.Aks.json b/schemas/2023-10-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 251e2c592e..0000000000 --- a/schemas/2023-10-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4939 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-10-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "Manner in which the OS on your nodes is updated. The default is NodeImage.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 06378c2f4d..0000000000 --- a/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,6094 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolArtifactStreamingProfile": { - "properties": { - "enabled": { - "description": "Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolGPUProfile": { - "properties": { - "installGPUDriver": { - "description": "The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolSecurityProfile": { - "description": "The security settings of an agent pool.", - "properties": { - "sshAccess": { - "description": "SSH access method of an agent pool.", - "oneOf": [ - { - "enum": [ - "LocalUser", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - }, - "nodeSoakDurationInMinutes": { - "description": "The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.", - "oneOf": [ - { - "maximum": 30, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "none", - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "GuardrailsProfile": { - "description": "The Guardrails profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from guardrails checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The guardrails level to be used. By default, Guardrails is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "level" - ], - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAIToolchainOperatorProfile": { - "description": "When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.", - "properties": { - "enabled": { - "description": "Indicates if AI toolchain operator enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeInitializationTaints": { - "description": "These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachineNodesStatus": { - "description": "The status of nodes in a VirtualMachines agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/VirtualMachineNodes" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/VirtualMachinesProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeInitializationTaints": { - "description": "These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachineNodesStatus": { - "description": "The status of nodes in a VirtualMachines agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/VirtualMachineNodes" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/VirtualMachinesProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "logs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileContainerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.", - "type": "string" - }, - "windowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileWindowsHostLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileLogs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "appMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileContainerInsights" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "appMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAzureMonitorProfileWindowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterCostAnalysis": { - "description": "The cost analysis configuration for the cluster", - "properties": { - "enabled": { - "description": "The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterMetricsProfile": { - "description": "The metrics profile for the ManagedCluster.", - "properties": { - "costAnalysis": { - "description": "The cost analysis configuration for the cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterCostAnalysis" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeProvisioningProfile": { - "properties": { - "mode": { - "description": "Once the mode it set to Auto, it cannot be changed back to Manual.", - "oneOf": [ - { - "enum": [ - "Manual", - "Auto" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "aiToolchainOperatorProfile": { - "description": "AI toolchain operator settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAIToolchainOperatorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "guardrailsProfile": { - "description": "The guardrails profile holds all the guardrails information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/GuardrailsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metricsProfile": { - "description": "Optional cluster metrics configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterMetricsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeProvisioningProfile": { - "description": "Node provisioning settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeProvisioningProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "daemonset-eviction-for-empty-nodes": { - "description": "If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daemonset-eviction-for-occupied-nodes": { - "description": "If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "expander": { - "description": "Available values are: 'least-waste', 'most-pods', 'priority', 'random'.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ignore-daemonsets-utilization": { - "description": "If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageIntegrity": { - "description": "Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageIntegrity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageIntegrity": { - "description": "Image integrity related settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable image integrity. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "addonAutoscaling": { - "description": "Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA add-on in cluster. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "ManualScaleProfile": { - "description": "Specifications on number of machines.", - "properties": { - "count": { - "description": "Number of nodes.", - "oneOf": [ - { - "maximum": 1000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sizes": { - "description": "The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "NetworkMonitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "properties": { - "enabled": { - "description": "Enable or disable the network monitoring plugin on the cluster", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which instance of the allowed days specified in daysOfWeek the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "ScaleProfile": { - "description": "Specifications on how to scale a VirtualMachines agent pool.", - "properties": { - "manual": { - "description": "Specifications on how to scale the VirtualMachines agent pool to a fixed size.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManualScaleProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "VirtualMachineNodes": { - "description": "Current status on a group of nodes of the same vm size.", - "properties": { - "count": { - "description": "Number of nodes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "size": { - "description": "The VM size of the agents used to host this group of nodes.", - "type": "string" - } - }, - "type": "object" - }, - "VirtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "properties": { - "scale": { - "description": "Specifications on how to scale a VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ScaleProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-10-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-11-01/Microsoft.ContainerService.Aks.json b/schemas/2023-11-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 0b10fbb4cc..0000000000 --- a/schemas/2023-11-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,4952 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-11-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - }, - "nodeSoakDurationInMinutes": { - "description": "The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.", - "oneOf": [ - { - "maximum": 30, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "Manner in which the OS on your nodes is updated. The default is NodeImage.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 8e177c4426..0000000000 --- a/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,6116 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolArtifactStreamingProfile": { - "properties": { - "enabled": { - "description": "Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolGPUProfile": { - "properties": { - "installGPUDriver": { - "description": "The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolSecurityProfile": { - "description": "The security settings of an agent pool.", - "properties": { - "enableSecureBoot": { - "description": "Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVTPM": { - "description": "vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sshAccess": { - "description": "SSH access method of an agent pool.", - "oneOf": [ - { - "enum": [ - "LocalUser", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - }, - "nodeSoakDurationInMinutes": { - "description": "The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.", - "oneOf": [ - { - "maximum": 30, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "none", - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAIToolchainOperatorProfile": { - "description": "When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.", - "properties": { - "enabled": { - "description": "Indicates if AI toolchain operator enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeInitializationTaints": { - "description": "These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachineNodesStatus": { - "description": "The status of nodes in a VirtualMachines agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/VirtualMachineNodes" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/VirtualMachinesProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeInitializationTaints": { - "description": "These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachineNodesStatus": { - "description": "The status of nodes in a VirtualMachines agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/VirtualMachineNodes" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/VirtualMachinesProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "logs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileContainerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.", - "type": "string" - }, - "windowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileWindowsHostLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileLogs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "appMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileContainerInsights" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "appMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAzureMonitorProfileWindowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterCostAnalysis": { - "description": "The cost analysis configuration for the cluster", - "properties": { - "enabled": { - "description": "The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterMetricsProfile": { - "description": "The metrics profile for the ManagedCluster.", - "properties": { - "costAnalysis": { - "description": "The cost analysis configuration for the cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterCostAnalysis" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeProvisioningProfile": { - "properties": { - "mode": { - "description": "Once the mode it set to Auto, it cannot be changed back to Manual.", - "oneOf": [ - { - "enum": [ - "Manual", - "Auto" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "aiToolchainOperatorProfile": { - "description": "AI toolchain operator settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAIToolchainOperatorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metricsProfile": { - "description": "Optional cluster metrics configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterMetricsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeProvisioningProfile": { - "description": "Node provisioning settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeProvisioningProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "safeguardsProfile": { - "description": "The Safeguards profile holds all the safeguards information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/SafeguardsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "daemonset-eviction-for-empty-nodes": { - "description": "If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daemonset-eviction-for-occupied-nodes": { - "description": "If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "expander": { - "description": "Available values are: 'least-waste', 'most-pods', 'priority', 'random'.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ignore-daemonsets-utilization": { - "description": "If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageIntegrity": { - "description": "Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageIntegrity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageIntegrity": { - "description": "Image integrity related settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable image integrity. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "addonAutoscaling": { - "description": "Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA add-on in cluster. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "ManualScaleProfile": { - "description": "Specifications on number of machines.", - "properties": { - "count": { - "description": "Number of nodes.", - "oneOf": [ - { - "maximum": 1000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sizes": { - "description": "The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "NetworkMonitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "properties": { - "enabled": { - "description": "Enable or disable the network monitoring plugin on the cluster", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which instance of the allowed days specified in daysOfWeek the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SafeguardsProfile": { - "description": "The Safeguards profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from Safeguards checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "level" - ], - "type": "object" - }, - "ScaleProfile": { - "description": "Specifications on how to scale a VirtualMachines agent pool.", - "properties": { - "manual": { - "description": "Specifications on how to scale the VirtualMachines agent pool to a fixed size.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManualScaleProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "VirtualMachineNodes": { - "description": "Current status on a group of nodes of the same vm size.", - "properties": { - "count": { - "description": "Number of nodes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "size": { - "description": "The VM size of the agents used to host this group of nodes.", - "type": "string" - } - }, - "type": "object" - }, - "VirtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "properties": { - "scale": { - "description": "Specifications on how to scale a VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ScaleProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2023-11-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2024-01-01/Microsoft.ContainerService.Aks.json b/schemas/2024-01-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 0ca38a1fa5..0000000000 --- a/schemas/2024-01-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5011 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2024-01-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - }, - "nodeSoakDurationInMinutes": { - "description": "The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.", - "oneOf": [ - { - "maximum": 30, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "Manner in which the OS on your nodes is updated. The default is NodeImage.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "App Routing settings for the ingress profile. You can find an overview and onboarding guide for this feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Application Routing add-on settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only when Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable the Application Routing add-on.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 05e536d1db..0000000000 --- a/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,6182 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolArtifactStreamingProfile": { - "properties": { - "enabled": { - "description": "Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolGPUProfile": { - "properties": { - "installGPUDriver": { - "description": "The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolSecurityProfile": { - "description": "The security settings of an agent pool.", - "properties": { - "enableSecureBoot": { - "description": "Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVTPM": { - "description": "vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sshAccess": { - "description": "SSH access method of an agent pool.", - "oneOf": [ - { - "enum": [ - "LocalUser", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - }, - "nodeSoakDurationInMinutes": { - "description": "The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.", - "oneOf": [ - { - "maximum": 30, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "none", - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeSelector": { - "description": "NodeSelector for scheduling the egress gateway.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAIToolchainOperatorProfile": { - "description": "When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.", - "properties": { - "enabled": { - "description": "Indicates if AI toolchain operator enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeInitializationTaints": { - "description": "These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIPAllocationMode": { - "description": "The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is 'DynamicIndividual'.", - "oneOf": [ - { - "enum": [ - "DynamicIndividual", - "StaticBlock" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachineNodesStatus": { - "description": "The status of nodes in a VirtualMachines agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/VirtualMachineNodes" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/VirtualMachinesProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeInitializationTaints": { - "description": "These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIPAllocationMode": { - "description": "The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is 'DynamicIndividual'.", - "oneOf": [ - { - "enum": [ - "DynamicIndividual", - "StaticBlock" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachineNodesStatus": { - "description": "The status of nodes in a VirtualMachines agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/VirtualMachineNodes" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/VirtualMachinesProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "logs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileContainerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.", - "type": "string" - }, - "windowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileWindowsHostLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileLogs": { - "description": "Logs profile for the Azure Monitor Infrastructure and Application Logs. Collect out-of-the-box Kubernetes infrastructure & application logs to send to Azure Monitor. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "appMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileContainerInsights" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "appMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAzureMonitorProfileWindowsHostLogs": { - "description": "Windows Host Logs Profile for Kubernetes Windows Nodes Log Collection. Collects ETW, Event Logs and Text logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Windows Host Log Collection is enabled or not for Azure Monitor Container Insights Logs Addon.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterBootstrapProfile": { - "description": "The bootstrap profile.", - "properties": { - "artifactSource": { - "description": "The source where the artifacts are downloaded from.", - "oneOf": [ - { - "enum": [ - "Cache", - "Direct" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerRegistryId": { - "description": "The resource Id of Azure Container Registry. The registry must have private network access, premium SKU and zone redundancy.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterCostAnalysis": { - "description": "The cost analysis configuration for the cluster", - "properties": { - "enabled": { - "description": "The Managed Cluster sku.tier must be set to 'Standard' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterMetricsProfile": { - "description": "The metrics profile for the ManagedCluster.", - "properties": { - "costAnalysis": { - "description": "The cost analysis configuration for the cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterCostAnalysis" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeProvisioningProfile": { - "properties": { - "mode": { - "description": "Once the mode it set to Auto, it cannot be changed back to Manual.", - "oneOf": [ - { - "enum": [ - "Manual", - "Auto" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "aiToolchainOperatorProfile": { - "description": "AI toolchain operator settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAIToolchainOperatorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "bootstrapProfile": { - "description": "Profile of the cluster bootstrap configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterBootstrapProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metricsProfile": { - "description": "Optional cluster metrics configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterMetricsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeProvisioningProfile": { - "description": "Node provisioning settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeProvisioningProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "safeguardsProfile": { - "description": "The Safeguards profile holds all the safeguards information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/SafeguardsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "daemonset-eviction-for-empty-nodes": { - "description": "If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daemonset-eviction-for-occupied-nodes": { - "description": "If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "expander": { - "description": "Available values are: 'least-waste', 'most-pods', 'priority', 'random'.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ignore-daemonsets-utilization": { - "description": "If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageIntegrity": { - "description": "Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageIntegrity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageIntegrity": { - "description": "Image integrity related settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable image integrity. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "addonAutoscaling": { - "description": "Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA add-on in cluster. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "ManualScaleProfile": { - "description": "Specifications on number of machines.", - "properties": { - "count": { - "description": "Number of nodes.", - "oneOf": [ - { - "maximum": 1000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sizes": { - "description": "The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "NetworkMonitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "properties": { - "enabled": { - "description": "Enable or disable the network monitoring plugin on the cluster", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which instance of the allowed days specified in daysOfWeek the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SafeguardsProfile": { - "description": "The Safeguards profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from Safeguards checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "level" - ], - "type": "object" - }, - "ScaleProfile": { - "description": "Specifications on how to scale a VirtualMachines agent pool.", - "properties": { - "manual": { - "description": "Specifications on how to scale the VirtualMachines agent pool to a fixed size.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManualScaleProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "VirtualMachineNodes": { - "description": "Current status on a group of nodes of the same vm size.", - "properties": { - "count": { - "description": "Number of nodes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "size": { - "description": "The VM size of the agents used to host this group of nodes.", - "type": "string" - } - }, - "type": "object" - }, - "VirtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "properties": { - "scale": { - "description": "Specifications on how to scale a VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ScaleProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2024-01-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2024-02-01/Microsoft.ContainerService.Aks.json b/schemas/2024-02-01/Microsoft.ContainerService.Aks.json deleted file mode 100644 index 6613fdbda4..0000000000 --- a/schemas/2024-02-01/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,5080 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2024-02-01/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - }, - "nodeSoakDurationInMinutes": { - "description": "The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.", - "oneOf": [ - { - "maximum": 30, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "The mode the network plugin should use.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. The default is Ubuntu if OSType is Linux. The default is Windows2019 when Kubernetes <= 1.24 or Windows2022 when Kubernetes >= 1.25 if OSType is Windows.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "Manner in which the OS on your nodes is updated. The default is NodeImage.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "properties": { - "metrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of Kubernetes annotation keys that will be used in the resource's labels metric (Example: 'namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric (Example: 'namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...'). By default the metric contains only resource name and namespace labels.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the Azure Monitor managed service for Prometheus addon. Collect out-of-the-box Kubernetes infrastructure metrics to send to an Azure Monitor Workspace and configure additional scraping for custom targets. See aka.ms/AzureManagedPrometheus for an overview.", - "properties": { - "enabled": { - "description": "Whether to enable or disable the Azure Managed Prometheus addon for Prometheus monitoring. See aka.ms/AzureManagedPrometheus-aks-enable for details on enabling and disabling.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics profile for the Azure Managed Prometheus addon. These optional settings are for the kube-state-metrics pod that is deployed with the addon. See aka.ms/AzureManagedPrometheus-optional-parameters for details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterCostAnalysis": { - "description": "The cost analysis configuration for the cluster", - "properties": { - "enabled": { - "description": "The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "App Routing settings for the ingress profile. You can find an overview and onboarding guide for this feature at https://learn.microsoft.com/en-us/azure/aks/app-routing?tabs=default%2Cdeploy-app-default.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Application Routing add-on settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the DNS zones to be associated with the Application Routing add-on. Used only when Application Routing add-on is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable the Application Routing add-on.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterMetricsProfile": { - "description": "The metrics profile for the ManagedCluster.", - "properties": { - "costAnalysis": { - "description": "The cost analysis configuration for the cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterCostAnalysis" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Azure Monitor addon profiles for monitoring the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "Both patch version (e.g. 1.20.13) and (e.g. 1.20) are supported. When is specified, the latest supported GA patch version is chosen automatically. Updating the cluster with the same once it has been created (e.g. 1.14.x -> 1.14) will not trigger an upgrade, even if a newer patch version is available. When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metricsProfile": { - "description": "Optional cluster metrics configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterMetricsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "expander": { - "description": "If not specified, the default is 'random'. See [expanders](https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/FAQ.md#what-are-expanders) for more information.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "description": "VPA (Vertical Pod Autoscaler) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable VPA. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which week of the month the dayOfWeek applies.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-01" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json b/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json deleted file mode 100644 index e178e303fd..0000000000 --- a/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json +++ /dev/null @@ -1,6312 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json#", - "title": "Microsoft.ContainerService", - "description": "Microsoft ContainerService Resource Types", - "$schema": "http://json-schema.org/draft-04/schema#", - "resourceDefinitions": { - "managedClusters": { - "description": "Microsoft.ContainerService/managedClusters", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "extendedLocation": { - "description": "The extended location of the Virtual Machine.", - "oneOf": [ - { - "$ref": "#/definitions/ExtendedLocation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identity": { - "description": "The identity of the managed cluster, if configured.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kind": { - "description": "This is primarily used to expose different UI experiences in the portal for different kinds", - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resources": { - "items": { - "oneOf": [ - { - "$ref": "#/definitions/managedClusters_agentPools_childResource" - }, - { - "$ref": "#/definitions/managedClusters_maintenanceConfigurations_childResource" - }, - { - "$ref": "#/definitions/managedClusters_trustedAccessRoleBindings_childResource" - }, - { - "$ref": "#/definitions/managedClusters_privateEndpointConnections_childResource" - } - ] - }, - "type": "array" - }, - "sku": { - "description": "The managed cluster SKU.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSKU" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_agentPools": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedclustersnapshots": { - "description": "Microsoft.ContainerService/managedclustersnapshots", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a managed cluster snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/managedclustersnapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "snapshots": { - "description": "Microsoft.ContainerService/snapshots", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "location": { - "description": "The geo-location where the resource lives", - "type": "string" - }, - "name": { - "description": "The name of the managed cluster resource.", - "oneOf": [ - { - "maxLength": 63, - "minLength": 1, - "pattern": "^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/SnapshotProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "Resource tags.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "Microsoft.ContainerService/snapshots" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - }, - "definitions": { - "AbsoluteMonthlySchedule": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "properties": { - "dayOfMonth": { - "description": "The date of the month.", - "oneOf": [ - { - "maximum": 31, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "dayOfMonth" - ], - "type": "object" - }, - "AgentPoolArtifactStreamingProfile": { - "properties": { - "enabled": { - "description": "Artifact streaming speeds up the cold-start of containers on a node through on-demand image loading. To use this feature, container images must also enable artifact streaming on ACR. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolGPUProfile": { - "properties": { - "installGPUDriver": { - "description": "The default value is true when the vmSize of the agent pool contains a GPU, false otherwise. GPU Driver Installation can only be set true when VM has an associated GPU resource. Setting this field to false prevents automatic GPU driver installation. In that case, in order for the GPU to be usable, the user must perform GPU driver installation themselves.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolGatewayProfile": { - "description": "Profile of the managed cluster gateway agent pool.", - "properties": { - "publicIPPrefixSize": { - "description": "The Gateway agent pool associates one public IPPrefix for each static egress gateway to provide public egress. The size of Public IPPrefix should be selected by the user. Each node in the agent pool is assigned with one IP from the IPPrefix. The IPPrefix size thus serves as a cap on the size of the Gateway agent pool. Due to Azure public IPPrefix size limitation, the valid value range is [28, 31] (/31 = 2 nodes/IPs, /30 = 4 nodes/IPs, /29 = 8 nodes/IPs, /28 = 16 nodes/IPs). The default value is 31.", - "oneOf": [ - { - "maximum": 31, - "minimum": 28, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolNetworkProfile": { - "description": "Network settings of an agent pool.", - "properties": { - "allowedHostPorts": { - "description": "The port ranges that are allowed to access. The specified ranges are allowed to overlap.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PortRange" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "applicationSecurityGroups": { - "description": "The IDs of the application security groups which agent pool will associate when created.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPTags": { - "description": "IPTags of instance-level public IPs.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IPTag" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolSecurityProfile": { - "description": "The security settings of an agent pool.", - "properties": { - "enableSecureBoot": { - "description": "Secure Boot is a feature of Trusted Launch which ensures that only signed operating systems and drivers can boot. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVTPM": { - "description": "vTPM is a Trusted Launch feature for configuring a dedicated secure vault for keys and measurements held locally on the node. For more details, see aka.ms/aks/trustedlaunch. If not specified, the default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sshAccess": { - "description": "SSH access method of an agent pool.", - "oneOf": [ - { - "enum": [ - "LocalUser", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolUpgradeSettings": { - "description": "Settings for upgrading an agentpool", - "properties": { - "drainTimeoutInMinutes": { - "description": "The amount of time (in minutes) to wait on eviction of pods and graceful termination per node. This eviction wait time honors waiting on pod disruption budgets. If this time is exceeded, the upgrade fails. If not specified, the default is 30 minutes.", - "oneOf": [ - { - "maximum": 1440, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxSurge": { - "description": "This can either be set to an integer (e.g. '5') or a percentage (e.g. '50%'). If a percentage is specified, it is the percentage of the total agent pool size at the time of the upgrade. For percentages, fractional nodes are rounded up. If not specified, the default is 1. For more information, including best practices, see: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade", - "type": "string" - }, - "nodeSoakDurationInMinutes": { - "description": "The amount of time (in minutes) to wait after draining a node and before reimaging it and moving on to next node. If not specified, the default is 0 minutes.", - "oneOf": [ - { - "maximum": 30, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AgentPoolWindowsProfile": { - "description": "The Windows agent pool's specific profile.", - "properties": { - "disableOutboundNat": { - "description": "The default value is false. Outbound NAT can only be disabled if the cluster outboundType is NAT Gateway and the Windows agent pool does not have node public IP enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "AzureKeyVaultKms": { - "description": "Azure Key Vault key management service settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Azure Key Vault key management service. The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyId": { - "description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty.", - "type": "string" - }, - "keyVaultNetworkAccess": { - "description": "Network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`.", - "oneOf": [ - { - "enum": [ - "Public", - "Private" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "keyVaultResourceId": { - "description": "Resource ID of key vault. When keyVaultNetworkAccess is `Private`, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is `Public`, leave the field empty.", - "type": "string" - } - }, - "type": "object" - }, - "ClusterUpgradeSettings": { - "description": "Settings for upgrading a cluster.", - "properties": { - "overrideSettings": { - "description": "Settings for overrides.", - "oneOf": [ - { - "$ref": "#/definitions/UpgradeOverrideSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceLinuxProfile": { - "description": "Profile for Linux VMs in the container service cluster.", - "properties": { - "adminUsername": { - "description": "The administrator username to use for Linux VMs.", - "oneOf": [ - { - "pattern": "^[A-Za-z][-A-Za-z0-9_]*$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ssh": { - "description": "The SSH configuration for Linux-based VMs running on Azure.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceSshConfiguration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername", - "ssh" - ], - "type": "object" - }, - "ContainerServiceNetworkProfile": { - "description": "Profile of network configuration.", - "properties": { - "dnsServiceIP": { - "description": "An IP address assigned to the Kubernetes DNS service. It must be within the Kubernetes service address range specified in serviceCidr.", - "oneOf": [ - { - "pattern": "^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipFamilies": { - "description": "IP families are used to determine single-stack or dual-stack clusters. For single-stack, the expected value is IPv4. For dual-stack, the expected values are IPv4 and IPv6.", - "oneOf": [ - { - "items": { - "enum": [ - "IPv4", - "IPv6" - ], - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerProfile": { - "description": "Profile of the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "loadBalancerSku": { - "description": "The default is 'standard'. See [Azure Load Balancer SKUs](https://docs.microsoft.com/azure/load-balancer/skus) for more information about the differences between load balancer SKUs.", - "oneOf": [ - { - "enum": [ - "standard", - "basic" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "monitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "oneOf": [ - { - "$ref": "#/definitions/NetworkMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "natGatewayProfile": { - "description": "Profile of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNATGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkDataplane": { - "description": "Network dataplane used in the Kubernetes cluster.", - "oneOf": [ - { - "enum": [ - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkMode": { - "description": "This cannot be specified if networkPlugin is anything other than 'azure'.", - "oneOf": [ - { - "enum": [ - "transparent", - "bridge" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPlugin": { - "description": "Network plugin used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "azure", - "kubenet", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPluginMode": { - "description": "Network plugin mode used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "overlay" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkPolicy": { - "description": "Network policy used for building the Kubernetes network.", - "oneOf": [ - { - "enum": [ - "none", - "calico", - "azure", - "cilium" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundType": { - "description": "This can only be set at cluster creation time and cannot be changed later. For more information see [egress outbound type](https://docs.microsoft.com/azure/aks/egress-outboundtype).", - "oneOf": [ - { - "enum": [ - "loadBalancer", - "userDefinedRouting", - "managedNATGateway", - "userAssignedNATGateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidr": { - "description": "A CIDR notation IP range from which to assign pod IPs when kubenet is used.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidr": { - "description": "A CIDR notation IP range from which to assign service cluster IPs. It must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}(\\/([0-9]|[1-2][0-9]|3[0-2]))?$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceCidrs": { - "description": "One IPv4 CIDR is expected for single-stack networking. Two CIDRs, one for each IP family (IPv4/IPv6), is expected for dual-stack networking. They must not overlap with any Subnet IP ranges.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "staticEgressGatewayProfile": { - "description": "The profile for Static Egress Gateway addon. For more details about Static Egress Gateway, see https://aka.ms/aks/static-egress-gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStaticEgressGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfig": { - "description": "Holds configuration customizations for kube-proxy. Any values not defined will use the kube-proxy defaulting behavior. See https://v.docs.kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/ where is represented by a - string. Kubernetes version 1.23 would be '1-23'.", - "properties": { - "enabled": { - "description": "Whether to enable on kube-proxy on the cluster (if no 'kubeProxyConfig' exists, kube-proxy is enabled in AKS by default without these customizations).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ipvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Specify which proxy mode to use ('IPTABLES' or 'IPVS')", - "oneOf": [ - { - "enum": [ - "IPTABLES", - "IPVS" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceNetworkProfileKubeProxyConfigIpvsConfig": { - "description": "Holds configuration customizations for IPVS. May only be specified if 'mode' is set to 'IPVS'.", - "properties": { - "scheduler": { - "description": "IPVS scheduler, for more information please see http://www.linuxvirtualserver.org/docs/scheduling.html.", - "oneOf": [ - { - "enum": [ - "RoundRobin", - "LeastConnection" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpFinTimeoutSeconds": { - "description": "The timeout value used for IPVS TCP sessions after receiving a FIN in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tcpTimeoutSeconds": { - "description": "The timeout value used for idle IPVS TCP sessions in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "udpTimeoutSeconds": { - "description": "The timeout value used for IPVS UDP packets in seconds. Must be a positive integer value.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ContainerServiceSshConfiguration": { - "description": "SSH configuration for Linux-based VMs running on Azure.", - "properties": { - "publicKeys": { - "description": "The list of SSH public keys used to authenticate with Linux-based VMs. A maximum of 1 key may be specified.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ContainerServiceSshPublicKey" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "publicKeys" - ], - "type": "object" - }, - "ContainerServiceSshPublicKey": { - "description": "Contains information about SSH certificate public key data.", - "properties": { - "keyData": { - "description": "Certificate public key used to authenticate with VMs through SSH. The certificate must be in PEM format with or without headers.", - "type": "string" - } - }, - "required": [ - "keyData" - ], - "type": "object" - }, - "CreationData": { - "description": "Data used when creating a target resource from a source resource.", - "properties": { - "sourceResourceId": { - "description": "This is the ARM ID of the source object to be used to create the target object.", - "type": "string" - } - }, - "type": "object" - }, - "DailySchedule": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "properties": { - "intervalDays": { - "description": "Specifies the number of days between each set of occurrences.", - "oneOf": [ - { - "maximum": 7, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalDays" - ], - "type": "object" - }, - "DateSpan": { - "description": "For example, between '2022-12-23' and '2023-01-05'.", - "properties": { - "end": { - "description": "The end date of the date span.", - "type": "string" - }, - "start": { - "description": "The start date of the date span.", - "type": "string" - } - }, - "required": [ - "start", - "end" - ], - "type": "object" - }, - "DelegatedResource": { - "description": "Delegated resource properties - internal use only.", - "properties": { - "location": { - "description": "The source resource location - internal use only.", - "type": "string" - }, - "referralResource": { - "description": "The delegation id of the referral delegation (optional) - internal use only.", - "type": "string" - }, - "resourceId": { - "description": "The ARM resource id of the delegated resource - internal use only.", - "type": "string" - }, - "tenantId": { - "description": "The tenant id of the delegated resource - internal use only.", - "oneOf": [ - { - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ExtendedLocation": { - "description": "The complex type of the extended location.", - "properties": { - "name": { - "description": "The name of the extended location.", - "type": "string" - }, - "type": { - "description": "The type of the extended location.", - "oneOf": [ - { - "enum": [ - "EdgeZone" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IPTag": { - "description": "Contains the IPTag associated with the object.", - "properties": { - "ipTagType": { - "description": "The IP tag type. Example: RoutingPreference.", - "type": "string" - }, - "tag": { - "description": "The value of the IP tag associated with the public IP. Example: Internet.", - "type": "string" - } - }, - "type": "object" - }, - "IstioCertificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "properties": { - "plugin": { - "description": "Plugin certificates information for Service Mesh.", - "oneOf": [ - { - "$ref": "#/definitions/IstioPluginCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioComponents": { - "description": "Istio components configuration.", - "properties": { - "egressGateways": { - "description": "Istio egress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioEgressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressGateways": { - "description": "Istio ingress gateways.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/IstioIngressGateway" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "IstioEgressGateway": { - "description": "Istio egress gateway configuration.", - "properties": { - "enabled": { - "description": "Whether to enable the egress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "IstioIngressGateway": { - "description": "Istio ingress gateway configuration. For now, we support up to one external ingress gateway named `aks-istio-ingressgateway-external` and one internal ingress gateway named `aks-istio-ingressgateway-internal`.", - "properties": { - "enabled": { - "description": "Whether to enable the ingress gateway.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of an ingress gateway.", - "oneOf": [ - { - "enum": [ - "External", - "Internal" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode", - "enabled" - ], - "type": "object" - }, - "IstioPluginCertificateAuthority": { - "description": "Plugin certificates information for Service Mesh.", - "properties": { - "certChainObjectName": { - "description": "Certificate chain object name in Azure Key Vault.", - "type": "string" - }, - "certObjectName": { - "description": "Intermediate certificate object name in Azure Key Vault.", - "type": "string" - }, - "keyObjectName": { - "description": "Intermediate certificate private key object name in Azure Key Vault.", - "type": "string" - }, - "keyVaultId": { - "description": "The resource ID of the Key Vault.", - "type": "string" - }, - "rootCertObjectName": { - "description": "Root certificate object name in Azure Key Vault.", - "type": "string" - } - }, - "type": "object" - }, - "IstioServiceMesh": { - "description": "Istio service mesh configuration.", - "properties": { - "certificateAuthority": { - "description": "Istio Service Mesh Certificate Authority (CA) configuration. For now, we only support plugin certificates as described here https://aka.ms/asm-plugin-ca", - "oneOf": [ - { - "$ref": "#/definitions/IstioCertificateAuthority" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "components": { - "description": "Istio components configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioComponents" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "revisions": { - "description": "The list of revisions of the Istio control plane. When an upgrade is not in progress, this holds one value. When canary upgrade is in progress, this can only hold two consecutive values. For more information, see: https://learn.microsoft.com/en-us/azure/aks/istio-upgrade", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "KubeletConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "allowedUnsafeSysctls": { - "description": "Allowed list of unsafe sysctls or unsafe sysctl patterns (ending in `*`).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxFiles": { - "description": "The maximum number of container log files that can be present for a container. The number must be ≥ 2.", - "oneOf": [ - { - "minimum": 2, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerLogMaxSizeMB": { - "description": "The maximum size (e.g. 10Mi) of container log file before it is rotated.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuota": { - "description": "The default is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "cpuCfsQuotaPeriod": { - "description": "The default is '100ms.' Valid values are a sequence of decimal numbers with an optional fraction and a unit suffix. For example: '300ms', '2h45m'. Supported units are 'ns', 'us', 'ms', 's', 'm', and 'h'.", - "type": "string" - }, - "cpuManagerPolicy": { - "description": "The default is 'none'. See [Kubernetes CPU management policies](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#cpu-management-policies) for more information. Allowed values are 'none' and 'static'.", - "type": "string" - }, - "failSwapOn": { - "description": "If set to true it will make the Kubelet fail to start if swap is enabled on the node.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcHighThreshold": { - "description": "To disable image garbage collection, set to 100. The default is 85%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageGcLowThreshold": { - "description": "This cannot be set higher than imageGcHighThreshold. The default is 80%", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podMaxPids": { - "description": "The maximum number of processes per pod.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "topologyManagerPolicy": { - "description": "For more information see [Kubernetes Topology Manager](https://kubernetes.io/docs/tasks/administer-cluster/topology-manager). The default is 'none'. Allowed values are 'none', 'best-effort', 'restricted', and 'single-numa-node'.", - "type": "string" - } - }, - "type": "object" - }, - "LinuxOSConfig": { - "description": "See [AKS custom node configuration](https://docs.microsoft.com/azure/aks/custom-node-configuration) for more details.", - "properties": { - "swapFileSizeMB": { - "description": "The size in MB of a swap file that will be created on each node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sysctls": { - "description": "Sysctl settings for Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/SysctlConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "transparentHugePageDefrag": { - "description": "Valid values are 'always', 'defer', 'defer+madvise', 'madvise' and 'never'. The default is 'madvise'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - }, - "transparentHugePageEnabled": { - "description": "Valid values are 'always', 'madvise', and 'never'. The default is 'always'. For more information see [Transparent Hugepages](https://www.kernel.org/doc/html/latest/admin-guide/mm/transhuge.html#admin-guide-transhuge).", - "type": "string" - } - }, - "type": "object" - }, - "MaintenanceConfigurationProperties": { - "description": "Properties used to configure planned maintenance for a Managed Cluster.", - "properties": { - "maintenanceWindow": { - "description": "Maintenance window for the maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceWindow" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedTime": { - "description": "Time slots on which upgrade is not allowed.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "timeInWeek": { - "description": "If two array entries specify the same day of the week, the applied configuration is the union of times in both entries.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/TimeInWeek" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "MaintenanceWindow": { - "description": "Maintenance window used to configure scheduled auto-upgrade for a Managed Cluster.", - "properties": { - "durationHours": { - "description": "Length of maintenance window range from 4 to 24 hours.", - "oneOf": [ - { - "maximum": 24, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "notAllowedDates": { - "description": "Date ranges on which upgrade is not allowed. 'utcOffset' applies to this field. For example, with 'utcOffset: +02:00' and 'dateSpan' being '2022-12-23' to '2023-01-03', maintenance will be blocked from '2022-12-22 22:00' to '2023-01-03 22:00' in UTC time.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/DateSpan" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "schedule": { - "description": "Recurrence schedule for the maintenance window.", - "oneOf": [ - { - "$ref": "#/definitions/Schedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "startDate": { - "description": "The date the maintenance window activates. If the current date is before this date, the maintenance window is inactive and will not be used for upgrades. If not specified, the maintenance window will be active right away.", - "type": "string" - }, - "startTime": { - "description": "The start time of the maintenance window. Accepted values are from '00:00' to '23:59'. 'utcOffset' applies to this field. For example: '02:00' with 'utcOffset: +02:00' means UTC time '00:00'.", - "oneOf": [ - { - "pattern": "^\\d{2}:\\d{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "utcOffset": { - "description": "The UTC offset in format +/-HH:mm. For example, '+05:30' for IST and '-07:00' for PST. If not specified, the default is '+00:00'.", - "oneOf": [ - { - "pattern": "^(-|\\+)[0-9]{2}:[0-9]{2}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "schedule", - "durationHours", - "startTime" - ], - "type": "object" - }, - "ManagedClusterAADProfile": { - "description": "For more details see [managed AAD on AKS](https://docs.microsoft.com/azure/aks/managed-aad).", - "properties": { - "adminGroupObjectIDs": { - "description": "The list of AAD group object IDs that will have admin role of the cluster.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clientAppID": { - "description": "(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "enableAzureRBAC": { - "description": "Whether to enable Azure RBAC for Kubernetes authorization.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managed": { - "description": "Whether to enable managed AAD.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serverAppID": { - "description": "(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "serverAppSecret": { - "description": "(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.", - "type": "string" - }, - "tenantID": { - "description": "The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAIToolchainOperatorProfile": { - "description": "When enabling the operator, a set of AKS managed CRDs and controllers will be installed in the cluster. The operator automates the deployment of OSS models for inference and/or training purposes. It provides a set of preset models and enables distributed inference against them.", - "properties": { - "enabled": { - "description": "Indicates if AI toolchain operator enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAPIServerAccessProfile": { - "description": "Access profile for managed cluster API server.", - "properties": { - "authorizedIPRanges": { - "description": "IP ranges are specified in CIDR format, e.g. 137.117.106.88/29. This feature is not compatible with clusters that use Public IP Per Node, or clusters that are using a Basic Load Balancer. For more information see [API server authorized IP ranges](https://docs.microsoft.com/azure/aks/api-server-authorized-ip-ranges).", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableRunCommand": { - "description": "Whether to disable run command for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateCluster": { - "description": "For more details, see [Creating a private AKS cluster](https://docs.microsoft.com/azure/aks/private-clusters).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePrivateClusterPublicFQDN": { - "description": "Whether to create additional public FQDN for private cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableVnetIntegration": { - "description": "Whether to enable apiserver vnet integration for the cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateDNSZone": { - "description": "The default is System. For more details see [configure private DNS zone](https://docs.microsoft.com/azure/aks/private-clusters#configure-private-dns-zone). Allowed values are 'system' and 'none'.", - "type": "string" - }, - "subnetId": { - "description": "It is required when: 1. creating a new cluster with BYO Vnet; 2. updating an existing cluster to enable apiserver vnet integration.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAddonProfile": { - "description": "A Kubernetes add-on profile for a managed cluster.", - "properties": { - "config": { - "description": "Key-value pairs for configuring an add-on.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the add-on is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfile": { - "description": "Profile for the container service agent pool.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gatewayProfile": { - "description": "Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User", - "Gateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "Windows agent pool names must be 6 characters or less.", - "oneOf": [ - { - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeInitializationTaints": { - "description": "These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIPAllocationMode": { - "description": "The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is 'DynamicIndividual'.", - "oneOf": [ - { - "enum": [ - "DynamicIndividual", - "StaticBlock" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachineNodesStatus": { - "description": "The status of nodes in a VirtualMachines agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/VirtualMachineNodes" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/VirtualMachinesProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name" - ], - "type": "object" - }, - "ManagedClusterAgentPoolProfileProperties": { - "description": "Properties for the container service agent pool profile.", - "properties": { - "artifactStreamingProfile": { - "description": "Configuration for using artifact streaming on AKS.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolArtifactStreamingProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "availabilityZones": { - "description": "The list of Availability zones to use for nodes. This can only be specified if the AgentPoolType property is 'VirtualMachineScaleSets'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "capacityReservationGroupID": { - "description": "AKS will associate the specified agent pool with the Capacity Reservation Group.", - "type": "string" - }, - "count": { - "description": "Number of agents (VMs) to host docker containers. Allowed values must be in the range of 0 to 1000 (inclusive) for user pools and in the range of 1 to 1000 (inclusive) for system pools. The default value is 1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the node pool will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableAutoScaling": { - "description": "Whether to enable auto-scaler", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableCustomCATrust": { - "description": "When set to true, AKS adds a label to the node indicating that the feature is enabled and deploys a daemonset along with host services to sync custom certificate authorities from user-provided list of base64 encoded certificates into node trust stores. Defaults to false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableEncryptionAtHost": { - "description": "This is only supported on certain VM sizes and in certain Azure regions. For more information, see: https://docs.microsoft.com/azure/aks/enable-host-encryption", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableFIPS": { - "description": "See [Add a FIPS-enabled node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#add-a-fips-enabled-node-pool-preview) for more details.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableNodePublicIP": { - "description": "Some scenarios may require nodes in a node pool to receive their own dedicated public IP addresses. A common scenario is for gaming workloads, where a console needs to make a direct connection to a cloud virtual machine to minimize hops. For more information see [assigning a public IP per node](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools). The default is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableUltraSSD": { - "description": "Whether to enable UltraSSD", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gatewayProfile": { - "description": "Profile specific to a managed agent pool in Gateway mode. This field cannot be set if agent pool mode is not Gateway.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGatewayProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuInstanceProfile": { - "description": "GPUInstanceProfile to be used to specify GPU MIG instance profile for supported GPU VM SKU.", - "oneOf": [ - { - "enum": [ - "MIG1g", - "MIG2g", - "MIG3g", - "MIG4g", - "MIG7g" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gpuProfile": { - "description": "The GPU settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolGPUProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hostGroupID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. For more information see [Azure dedicated hosts](https://docs.microsoft.com/azure/virtual-machines/dedicated-hosts).", - "type": "string" - }, - "kubeletConfig": { - "description": "The Kubelet configuration on the agent pool nodes.", - "oneOf": [ - { - "$ref": "#/definitions/KubeletConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeletDiskType": { - "description": "Determines the placement of emptyDir volumes, container runtime data root, and Kubelet ephemeral storage.", - "oneOf": [ - { - "enum": [ - "OS", - "Temporary" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "linuxOSConfig": { - "description": "The OS configuration of Linux agent nodes.", - "oneOf": [ - { - "$ref": "#/definitions/LinuxOSConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxCount": { - "description": "The maximum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "maxPods": { - "description": "The maximum number of pods that can run on a node.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "messageOfTheDay": { - "description": "A base64-encoded string which will be written to /etc/motd after decoding. This allows customization of the message of the day for Linux nodes. It must not be specified for Windows nodes. It must be a static string (i.e., will be printed raw and not be executed as a script).", - "type": "string" - }, - "minCount": { - "description": "The minimum number of nodes for auto-scaling", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "A cluster must have at least one 'System' Agent Pool at all times. For additional information on agent pool restrictions and best practices, see: https://docs.microsoft.com/azure/aks/use-system-pools", - "oneOf": [ - { - "enum": [ - "System", - "User", - "Gateway" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "Network-related settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeInitializationTaints": { - "description": "These taints will not be reconciled by AKS and can be removed with a kubectl call. This field can be modified after node pool is created, but nodes will not be recreated with new taints until another operation that requires recreation (e.g. node image upgrade) happens. These taints allow for required configuration to run before the node is ready to accept workloads, for example 'key1=value1:NoSchedule' that then can be removed with `kubectl taint nodes node1 key1=value1:NoSchedule-`", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeLabels": { - "description": "The node labels to be persisted across all nodes in agent pool.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodePublicIPPrefixID": { - "description": "This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}", - "type": "string" - }, - "nodeTaints": { - "description": "The taints added to new nodes during node pool create and scale. For example, key=value:NoSchedule.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "orchestratorVersion": { - "description": "Both patch version and are supported. When is specified, the latest supported patch version is chosen automatically. Updating the agent pool with the same once it has been created will not trigger an upgrade, even if a newer patch version is available. As a best practice, you should upgrade all node pools in an AKS cluster to the same Kubernetes version. The node pool version must have the same major version as the control plane. The node pool minor version must be within two minor versions of the control plane version. The node pool version cannot be greater than the control plane version. For more information see [upgrading a node pool](https://docs.microsoft.com/azure/aks/use-multiple-node-pools#upgrade-a-node-pool).", - "type": "string" - }, - "osDiskSizeGB": { - "description": "OS Disk Size in GB to be used to specify the disk size for every machine in the master/agent pool. If you specify 0, it will apply the default osDisk size according to the vmSize specified.", - "oneOf": [ - { - "maximum": 2048, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osDiskType": { - "description": "The default is 'Ephemeral' if the VM supports it and has a cache disk larger than the requested OSDiskSizeGB. Otherwise, defaults to 'Managed'. May not be changed after creation. For more information see [Ephemeral OS](https://docs.microsoft.com/azure/aks/cluster-configuration#ephemeral-os).", - "oneOf": [ - { - "enum": [ - "Managed", - "Ephemeral" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osSKU": { - "description": "Specifies the OS SKU used by the agent pool. If not specified, the default is Ubuntu if OSType=Linux or Windows2019 if OSType=Windows. And the default Windows OSSKU will be changed to Windows2022 after Windows2019 is deprecated.", - "oneOf": [ - { - "enum": [ - "Ubuntu", - "Mariner", - "AzureLinux", - "CBLMariner", - "Windows2019", - "Windows2022", - "WindowsAnnual" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "osType": { - "description": "The operating system type. The default is Linux.", - "oneOf": [ - { - "enum": [ - "Linux", - "Windows" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIPAllocationMode": { - "description": "The IP allocation mode for pods in the agent pool. Must be used with podSubnetId. The default is 'DynamicIndividual'.", - "oneOf": [ - { - "enum": [ - "DynamicIndividual", - "StaticBlock" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podSubnetID": { - "description": "If omitted, pod IPs are statically assigned on the node subnet (see vnetSubnetID for more details). This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "powerState": { - "description": "When an Agent Pool is first created it is initially Running. The Agent Pool can be stopped by setting this field to Stopped. A stopped Agent Pool stops all of its VMs and does not accrue billing charges. An Agent Pool can only be stopped if it is Running and provisioning state is Succeeded", - "oneOf": [ - { - "$ref": "#/definitions/PowerState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "proximityPlacementGroupID": { - "description": "The ID for Proximity Placement Group.", - "type": "string" - }, - "scaleDownMode": { - "description": "This also effects the cluster autoscaler behavior. If not specified, it defaults to Delete.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetEvictionPolicy": { - "description": "This cannot be specified unless the scaleSetPriority is 'Spot'. If not specified, the default is 'Delete'.", - "oneOf": [ - { - "enum": [ - "Delete", - "Deallocate" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "scaleSetPriority": { - "description": "The Virtual Machine Scale Set priority. If not specified, the default is 'Regular'.", - "oneOf": [ - { - "enum": [ - "Spot", - "Regular" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "The security settings of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "spotMaxPrice": { - "description": "Possible values are any decimal value greater than zero or -1 which indicates the willingness to pay any on-demand price. For more details on spot pricing, see [spot VMs pricing](https://docs.microsoft.com/azure/virtual-machines/spot-vms#pricing)", - "oneOf": [ - { - "type": "number" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tags": { - "description": "The tags to be persisted on the agent pool virtual machine scale set.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The type of Agent Pool.", - "oneOf": [ - { - "enum": [ - "VirtualMachineScaleSets", - "AvailabilitySet", - "VirtualMachines" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading the agentpool", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachineNodesStatus": { - "description": "The status of nodes in a VirtualMachines agent pool.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/VirtualMachineNodes" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/VirtualMachinesProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSize": { - "description": "VM size availability varies by region. If a node contains insufficient compute resources (memory, cpu, etc) pods might fail to run correctly. For more details on restricted VM sizes, see: https://docs.microsoft.com/azure/aks/quotas-skus-regions", - "type": "string" - }, - "vnetSubnetID": { - "description": "If this is not specified, a VNET and subnet will be generated and used. If no podSubnetID is specified, this applies to nodes and pods, otherwise it applies to just nodes. This is of the form: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}", - "type": "string" - }, - "windowsProfile": { - "description": "The Windows agent pool's specific profile.", - "oneOf": [ - { - "$ref": "#/definitions/AgentPoolWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadRuntime": { - "description": "Determines the type of workload a node can run.", - "oneOf": [ - { - "enum": [ - "OCIContainer", - "WasmWasi", - "KataMshvVmIsolation" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAutoUpgradeProfile": { - "description": "Auto upgrade profile for a managed cluster.", - "properties": { - "nodeOSUpgradeChannel": { - "description": "The default is Unmanaged, but may change to either NodeImage or SecurityPatch at GA.", - "oneOf": [ - { - "enum": [ - "None", - "Unmanaged", - "SecurityPatch", - "NodeImage" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeChannel": { - "description": "For more information see [setting the AKS cluster auto-upgrade channel](https://docs.microsoft.com/azure/aks/upgrade-cluster#set-auto-upgrade-channel).", - "oneOf": [ - { - "enum": [ - "rapid", - "stable", - "patch", - "node-image", - "none" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "properties": { - "appMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileContainerInsights" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metrics": { - "description": "Metrics profile for the prometheus service addon", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoring": { - "description": "Application Monitoring Profile for Kubernetes Application Container. Collects application logs, metrics and traces through auto-instrumentation of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "autoInstrumentation": { - "description": "Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "openTelemetryLogs": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "openTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringAutoInstrumentation": { - "description": "Application Monitoring Auto Instrumentation for Kubernetes Application Container. Deploys web hook to auto-instrument Azure Monitor OpenTelemetry based SDKs to collect OpenTelemetry metrics, logs and traces of the application. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Auto Instrumentation is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryLogs": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Logs and Traces. Collects OpenTelemetry logs and traces of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Open Telemetry Logs and traces is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "port": { - "description": "The Open Telemetry host port for Open Telemetry logs and traces. If not specified, the default port is 28331.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileAppMonitoringOpenTelemetryMetrics": { - "description": "Application Monitoring Open Telemetry Metrics Profile for Kubernetes Application Container Metrics. Collects OpenTelemetry metrics of the application using Azure Monitor OpenTelemetry based SDKs. See aka.ms/AzureMonitorApplicationMonitoring for an overview.", - "properties": { - "enabled": { - "description": "Indicates if Application Monitoring Open Telemetry Metrics is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "port": { - "description": "The Open Telemetry host port for Open Telemetry metrics. If not specified, the default port is 28333.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileContainerInsights": { - "description": "Azure Monitor Container Insights Profile for Kubernetes Events, Inventory and Container stdout & stderr logs etc. See aka.ms/AzureMonitorContainerInsights for an overview.", - "properties": { - "disableCustomMetrics": { - "description": "Indicates whether custom metrics collection has to be disabled or not. If not specified the default is false. No custom metrics will be emitted if this field is false but the container insights enabled field is false", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disablePrometheusMetricsScraping": { - "description": "Indicates whether prometheus metrics scraping is disabled or not. If not specified the default is false. No prometheus metrics will be emitted if this field is false but the container insights enabled field is false", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Indicates if Azure Monitor Container Insights Logs Addon is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "logAnalyticsWorkspaceResourceId": { - "description": "Fully Qualified ARM Resource Id of Azure Log Analytics Workspace for storing Azure Monitor Container Insights Logs.", - "type": "string" - }, - "syslogPort": { - "description": "The syslog host port. If not specified, the default port is 28330.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileKubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "properties": { - "metricAnnotationsAllowList": { - "description": "Comma-separated list of additional Kubernetes label keys that will be used in the resource's labels metric.", - "type": "string" - }, - "metricLabelsAllowlist": { - "description": "Comma-separated list of Kubernetes annotations keys that will be used in the resource's labels metric. ", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterAzureMonitorProfileMetrics": { - "description": "Metrics profile for the prometheus service addon", - "properties": { - "enabled": { - "description": "Whether to enable the Prometheus collector", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubeStateMetrics": { - "description": "Kube State Metrics for prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfileKubeStateMetrics" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterBootstrapProfile": { - "description": "The bootstrap profile.", - "properties": { - "artifactSource": { - "description": "The source where the artifacts are downloaded from.", - "oneOf": [ - { - "enum": [ - "Cache", - "Direct" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "containerRegistryId": { - "description": "The resource Id of Azure Container Registry. The registry must have private network access, premium SKU and zone redundancy.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterCostAnalysis": { - "description": "The cost analysis configuration for the cluster", - "properties": { - "enabled": { - "description": "The Managed Cluster sku.tier must be set to 'Standard' or 'Premium' to enable this feature. Enabling this will add Kubernetes Namespace and Deployment details to the Cost Analysis views in the Azure portal. If not specified, the default is false. For more information see aka.ms/aks/docs/cost-analysis.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterHttpProxyConfig": { - "description": "Cluster HTTP proxy configuration.", - "properties": { - "httpProxy": { - "description": "The HTTP proxy server endpoint to use.", - "type": "string" - }, - "httpsProxy": { - "description": "The HTTPS proxy server endpoint to use.", - "type": "string" - }, - "noProxy": { - "description": "The endpoints that should not go through proxy.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "trustedCa": { - "description": "Alternative CA cert to use for connecting to proxy servers.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterIdentity": { - "description": "Identity for the managed cluster.", - "properties": { - "delegatedResources": { - "description": "The delegated identity resources assigned to this managed cluster. This can only be set by another Azure Resource Provider, and managed cluster only accept one delegated identity resource. Internal use only.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/DelegatedResource" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "For more information see [use managed identities in AKS](https://docs.microsoft.com/azure/aks/use-managed-identity).", - "oneOf": [ - { - "enum": [ - "SystemAssigned", - "UserAssigned", - "None" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The keys must be ARM resource IDs in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedServiceIdentityUserAssignedIdentitiesValue" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfile": { - "description": "Ingress profile for the container service cluster.", - "properties": { - "webAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfileWebAppRouting" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterIngressProfileWebAppRouting": { - "description": "Web App Routing settings for the ingress profile.", - "properties": { - "dnsZoneResourceIds": { - "description": "Resource IDs of the DNS zones to be associated with the Web App Routing add-on. Used only when Web App Routing is enabled. Public and private DNS zones can be in different resource groups, but all public DNS zones must be in the same resource group and all private DNS zones must be in the same resource group.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable Web App Routing.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfile": { - "description": "Profile of the managed cluster load balancer.", - "properties": { - "allocatedOutboundPorts": { - "description": "The desired number of allocated SNAT ports per VM. Allowed values are in the range of 0 to 64000 (inclusive). The default value is 0 which results in Azure dynamically allocating ports.", - "oneOf": [ - { - "maximum": 64000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "backendPoolType": { - "description": "The type of the managed inbound Load Balancer BackendPool.", - "oneOf": [ - { - "enum": [ - "NodeIPConfiguration", - "NodeIP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "clusterServiceLoadBalancerHealthProbeMode": { - "description": "The health probing behavior for External Traffic Policy Cluster services.", - "oneOf": [ - { - "enum": [ - "ServiceNodePort", - "Shared" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster load balancer.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableMultipleStandardLoadBalancers": { - "description": "Enable multiple standard load balancers per AKS cluster or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 30 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileManagedOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPPrefixes" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "outboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterLoadBalancerProfileOutboundIPs" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileManagedOutboundIPs": { - "description": "Desired managed outbound IPs for the cluster load balancer.", - "properties": { - "count": { - "description": "The desired number of IPv4 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "countIPv6": { - "description": "The desired number of IPv6 outbound IPs created/managed by Azure for the cluster load balancer. Allowed values must be in the range of 1 to 100 (inclusive). The default value is 0 for single-stack and 1 for dual-stack. ", - "oneOf": [ - { - "maximum": 100, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPPrefixes": { - "description": "Desired outbound IP Prefix resources for the cluster load balancer.", - "properties": { - "publicIPPrefixes": { - "description": "A list of public IP prefix resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterLoadBalancerProfileOutboundIPs": { - "description": "Desired outbound IP resources for the cluster load balancer.", - "properties": { - "publicIPs": { - "description": "A list of public IP resources.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterManagedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the managed cluster.", - "properties": { - "count": { - "description": "The desired number of outbound IPs created/managed by Azure. Allowed values must be in the range of 1 to 16 (inclusive). The default value is 1. ", - "oneOf": [ - { - "maximum": 16, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterMetricsProfile": { - "description": "The metrics profile for the ManagedCluster.", - "properties": { - "costAnalysis": { - "description": "The cost analysis configuration for the cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterCostAnalysis" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNATGatewayProfile": { - "description": "Profile of the managed cluster NAT gateway.", - "properties": { - "effectiveOutboundIPs": { - "description": "The effective outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ResourceReference" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "idleTimeoutInMinutes": { - "description": "Desired outbound flow idle timeout in minutes. Allowed values are in the range of 4 to 120 (inclusive). The default value is 4 minutes.", - "oneOf": [ - { - "maximum": 120, - "minimum": 4, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "managedOutboundIPProfile": { - "description": "Profile of the managed outbound IP resources of the cluster NAT gateway.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterManagedOutboundIPProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeProvisioningProfile": { - "properties": { - "mode": { - "description": "Once the mode it set to Auto, it cannot be changed back to Manual.", - "oneOf": [ - { - "enum": [ - "Manual", - "Auto" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterNodeResourceGroupProfile": { - "description": "Node resource group lockdown profile for a managed cluster.", - "properties": { - "restrictionLevel": { - "description": "The restriction level applied to the cluster's node resource group", - "oneOf": [ - { - "enum": [ - "Unrestricted", - "ReadOnly" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterOidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "properties": { - "enabled": { - "description": "Whether the OIDC issuer is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPodIdentity": { - "description": "Details about the pod identity assigned to the Managed Cluster.", - "properties": { - "bindingSelector": { - "description": "The binding selector to use for the AzureIdentityBinding resource.", - "type": "string" - }, - "identity": { - "description": "The user assigned identity details.", - "oneOf": [ - { - "$ref": "#/definitions/UserAssignedIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "name": { - "description": "The name of the pod identity.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity.", - "type": "string" - } - }, - "required": [ - "name", - "namespace", - "identity" - ], - "type": "object" - }, - "ManagedClusterPodIdentityException": { - "description": "See [disable AAD Pod Identity for a specific Pod/Application](https://azure.github.io/aad-pod-identity/docs/configure/application_exception/) for more details.", - "properties": { - "name": { - "description": "The name of the pod identity exception.", - "type": "string" - }, - "namespace": { - "description": "The namespace of the pod identity exception.", - "type": "string" - }, - "podLabels": { - "description": "The pod labels to match.", - "oneOf": [ - { - "additionalProperties": { - "type": "string" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "name", - "namespace", - "podLabels" - ], - "type": "object" - }, - "ManagedClusterPodIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on pod identity integration.", - "properties": { - "allowNetworkPluginKubenet": { - "description": "Running in Kubenet is disabled by default due to the security related nature of AAD Pod Identity and the risks of IP spoofing. See [using Kubenet network plugin with AAD Pod Identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity#using-kubenet-network-plugin-with-azure-active-directory-pod-managed-identities) for more information.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether the pod identity addon is enabled.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentities": { - "description": "The pod identities to use in the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentity" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userAssignedIdentityExceptions": { - "description": "The pod identity exceptions to allow.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterPodIdentityException" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterProperties": { - "description": "Properties of the managed cluster.", - "properties": { - "aadProfile": { - "description": "The Azure Active Directory configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAADProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "addonProfiles": { - "description": "The profile of managed cluster add-on.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/ManagedClusterAddonProfile" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "agentPoolProfiles": { - "description": "The agent pool properties.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManagedClusterAgentPoolProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "aiToolchainOperatorProfile": { - "description": "AI toolchain operator settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAIToolchainOperatorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "apiServerAccessProfile": { - "description": "The access profile for managed cluster API server.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAPIServerAccessProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPropertiesAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "autoUpgradeProfile": { - "description": "The auto upgrade configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAutoUpgradeProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "azureMonitorProfile": { - "description": "Prometheus addon profile for the container service cluster", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAzureMonitorProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "bootstrapProfile": { - "description": "Profile of the cluster bootstrap configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterBootstrapProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "creationData": { - "description": "CreationData to be used to specify the source Snapshot ID if the cluster will be created/upgraded using a snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "disableLocalAccounts": { - "description": "If set to true, getting static credentials will be disabled for this cluster. This must only be used on Managed Clusters that are AAD enabled. For more details see [disable local accounts](https://docs.microsoft.com/azure/aks/managed-aad#disable-local-accounts-preview).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskEncryptionSetID": { - "description": "This is of the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}'", - "type": "string" - }, - "dnsPrefix": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "enableNamespaceResources": { - "description": "The default value is false. It can be enabled/disabled on creation and updating of the managed cluster. See [https://aka.ms/NamespaceARMResource](https://aka.ms/NamespaceARMResource) for more details on Namespace as a ARM Resource.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enablePodSecurityPolicy": { - "description": "(DEPRECATED) Whether to enable Kubernetes pod security policy (preview). PodSecurityPolicy was deprecated in Kubernetes v1.21, and removed from Kubernetes in v1.25. Learn more at https://aka.ms/k8s/psp and https://aka.ms/aks/psp.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enableRBAC": { - "description": "Whether to enable Kubernetes Role-Based Access Control.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fqdnSubdomain": { - "description": "This cannot be updated once the Managed Cluster has been created.", - "type": "string" - }, - "httpProxyConfig": { - "description": "Configurations for provisioning the cluster with HTTP proxy servers.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterHttpProxyConfig" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "identityProfile": { - "description": "Identities associated with the cluster.", - "oneOf": [ - { - "additionalProperties": { - "$ref": "#/definitions/UserAssignedIdentity" - }, - "properties": {}, - "type": "object" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ingressProfile": { - "description": "Ingress profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterIngressProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kubernetesVersion": { - "description": "When you upgrade a supported AKS cluster, Kubernetes minor versions cannot be skipped. All upgrades must be performed sequentially by major version number. For example, upgrades between 1.14.x -> 1.15.x or 1.15.x -> 1.16.x are allowed, however 1.14.x -> 1.16.x is not allowed. See [upgrading an AKS cluster](https://docs.microsoft.com/azure/aks/upgrade-cluster) for more details.", - "type": "string" - }, - "linuxProfile": { - "description": "The profile for Linux VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceLinuxProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "metricsProfile": { - "description": "Optional cluster metrics configuration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterMetricsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "networkProfile": { - "description": "The network configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ContainerServiceNetworkProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeProvisioningProfile": { - "description": "Node provisioning settings that apply to the whole cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeProvisioningProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeResourceGroup": { - "description": "The name of the resource group containing agent pool nodes.", - "type": "string" - }, - "nodeResourceGroupProfile": { - "description": "The node resource group configuration profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterNodeResourceGroupProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "oidcIssuerProfile": { - "description": "The OIDC issuer profile of the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterOidcIssuerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "podIdentityProfile": { - "description": "See [use AAD pod identity](https://docs.microsoft.com/azure/aks/use-azure-ad-pod-identity) for more details on AAD pod identity integration.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterPodIdentityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkResources": { - "description": "Private link resources associated with the cluster.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/PrivateLinkResource" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "publicNetworkAccess": { - "description": "Allow or deny public network access for AKS", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled", - "SecuredByPerimeter" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "safeguardsProfile": { - "description": "The Safeguards profile holds all the safeguards information for a given cluster", - "oneOf": [ - { - "$ref": "#/definitions/SafeguardsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "securityProfile": { - "description": "Security profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "serviceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ServiceMeshProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "servicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterServicePrincipalProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "storageProfile": { - "description": "Storage profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "supportPlan": { - "description": "The support plan for the Managed Cluster. If unspecified, the default is 'KubernetesOfficial'.", - "oneOf": [ - { - "enum": [ - "KubernetesOfficial", - "AKSLongTermSupport" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "upgradeSettings": { - "description": "Settings for upgrading a cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ClusterUpgradeSettings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "windowsProfile": { - "description": "The profile for Windows VMs in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWindowsProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterPropertiesAutoScalerProfile": { - "description": "Parameters to be applied to the cluster-autoscaler when enabled", - "properties": { - "balance-similar-node-groups": { - "description": "Valid values are 'true' and 'false'", - "type": "string" - }, - "daemonset-eviction-for-empty-nodes": { - "description": "If set to true, all daemonset pods on empty nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daemonset-eviction-for-occupied-nodes": { - "description": "If set to true, all daemonset pods on occupied nodes will be evicted before deletion of the node. If the daemonset pod cannot be evicted another node will be chosen for scaling. If set to false, the node will be deleted without ensuring that daemonset pods are deleted or evicted.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "expander": { - "description": "Available values are: 'least-waste', 'most-pods', 'priority', 'random'.", - "oneOf": [ - { - "enum": [ - "least-waste", - "most-pods", - "priority", - "random" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "ignore-daemonsets-utilization": { - "description": "If set to true, the resources used by daemonset will be taken into account when making scaling down decisions.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "max-empty-bulk-delete": { - "description": "The default is 10.", - "type": "string" - }, - "max-graceful-termination-sec": { - "description": "The default is 600.", - "type": "string" - }, - "max-node-provision-time": { - "description": "The default is '15m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "max-total-unready-percentage": { - "description": "The default is 45. The maximum is 100 and the minimum is 0.", - "type": "string" - }, - "new-pod-scale-up-delay": { - "description": "For scenarios like burst/batch scale where you don't want CA to act before the kubernetes scheduler could schedule all the pods, you can tell CA to ignore unscheduled pods before they're a certain age. The default is '0s'. Values must be an integer followed by a unit ('s' for seconds, 'm' for minutes, 'h' for hours, etc).", - "type": "string" - }, - "ok-total-unready-count": { - "description": "This must be an integer. The default is 3.", - "type": "string" - }, - "scale-down-delay-after-add": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-delete": { - "description": "The default is the scan-interval. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-delay-after-failure": { - "description": "The default is '3m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unneeded-time": { - "description": "The default is '10m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-unready-time": { - "description": "The default is '20m'. Values must be an integer followed by an 'm'. No unit of time other than minutes (m) is supported.", - "type": "string" - }, - "scale-down-utilization-threshold": { - "description": "The default is '0.5'.", - "type": "string" - }, - "scan-interval": { - "description": "The default is '10'. Values must be an integer number of seconds.", - "type": "string" - }, - "skip-nodes-with-local-storage": { - "description": "The default is true.", - "type": "string" - }, - "skip-nodes-with-system-pods": { - "description": "The default is true.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterSKU": { - "description": "The SKU of a Managed Cluster.", - "properties": { - "name": { - "description": "The name of a managed cluster SKU.", - "oneOf": [ - { - "enum": [ - "Base" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "tier": { - "description": "If not specified, the default is 'Free'. See [AKS Pricing Tier](https://learn.microsoft.com/azure/aks/free-standard-pricing-tiers) for more details.", - "oneOf": [ - { - "enum": [ - "Premium", - "Standard", - "Free" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfile": { - "description": "Security profile for the container service cluster.", - "properties": { - "azureKeyVaultKms": { - "description": "Azure Key Vault [key management service](https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/AzureKeyVaultKms" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "customCATrustCertificates": { - "description": "A list of up to 10 base64 encoded CAs that will be added to the trust store on nodes with the Custom CA Trust feature enabled. For more information see [Custom CA Trust Certificates](https://learn.microsoft.com/en-us/azure/aks/custom-certificate-authority)", - "oneOf": [ - { - "items": {}, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "defender": { - "description": "Microsoft Defender settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefender" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageCleaner": { - "description": "Image Cleaner settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageCleaner" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "imageIntegrity": { - "description": "Image integrity is a feature that works with Azure Policy to verify image integrity by signature. This will not have any effect unless Azure Policy is applied to enforce image signatures. See https://aka.ms/aks/image-integrity for how to use this feature via policy.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileImageIntegrity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "nodeRestriction": { - "description": "[Node Restriction](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#noderestriction) settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileNodeRestriction" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "workloadIdentity": { - "description": "Workload identity settings for the security profile. Workload identity enables Kubernetes applications to access Azure cloud resources securely with Azure AD. See https://aka.ms/aks/wi for more details.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileWorkloadIdentity" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefender": { - "description": "Microsoft Defender settings for the security profile.", - "properties": { - "logAnalyticsWorkspaceResourceId": { - "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty.", - "type": "string" - }, - "securityMonitoring": { - "description": "Microsoft Defender threat detection for Cloud settings for the security profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileDefenderSecurityMonitoring": { - "description": "Microsoft Defender settings for the security profile threat detection.", - "properties": { - "enabled": { - "description": "Whether to enable Defender threat detection", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageCleaner": { - "description": "Image Cleaner removes unused images from nodes, freeing up disk space and helping to reduce attack surface area. Here are settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Image Cleaner on AKS cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalHours": { - "description": "Image Cleaner scanning interval in hours.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileImageIntegrity": { - "description": "Image integrity related settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable image integrity. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileNodeRestriction": { - "description": "Node Restriction settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable Node Restriction", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterSecurityProfileWorkloadIdentity": { - "description": "Workload identity settings for the security profile.", - "properties": { - "enabled": { - "description": "Whether to enable workload identity.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterServicePrincipalProfile": { - "description": "Information about a service principal identity for the cluster to use for manipulating Azure APIs.", - "properties": { - "clientId": { - "description": "The ID for the service principal.", - "type": "string" - }, - "secret": { - "description": "The secret password associated with the service principal in plain text.", - "type": "string" - } - }, - "required": [ - "clientId" - ], - "type": "object" - }, - "ManagedClusterSnapshotProperties": { - "description": "Properties for a managed cluster snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStaticEgressGatewayProfile": { - "description": "The Static Egress Gateway addon configuration for the cluster.", - "properties": { - "enabled": { - "description": "Indicates if Static Egress Gateway addon is enabled or not.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfile": { - "description": "Storage profile for the container service cluster.", - "properties": { - "blobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileBlobCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "diskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileDiskCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileFileCSIDriver" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterStorageProfileSnapshotController" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileBlobCSIDriver": { - "description": "AzureBlob CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureBlob CSI Driver. The default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileDiskCSIDriver": { - "description": "AzureDisk CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureDisk CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of AzureDisk CSI Driver. The default value is v1.", - "type": "string" - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileFileCSIDriver": { - "description": "AzureFile CSI Driver settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable AzureFile CSI Driver. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterStorageProfileSnapshotController": { - "description": "Snapshot Controller settings for the storage profile.", - "properties": { - "enabled": { - "description": "Whether to enable Snapshot Controller. The default value is true.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWindowsProfile": { - "description": "Profile for Windows VMs in the managed cluster.", - "properties": { - "adminPassword": { - "description": "Specifies the password of the administrator account.

**Minimum-length:** 8 characters

**Max-length:** 123 characters

**Complexity requirements:** 3 out of 4 conditions below need to be fulfilled
Has lower characters
Has upper characters
Has a digit
Has a special character (Regex match [\\W_])

**Disallowed values:** \"abc@123\", \"P@$$w0rd\", \"P@ssw0rd\", \"P@ssword123\", \"Pa$$word\", \"pass@word1\", \"Password!\", \"Password1\", \"Password22\", \"iloveyou!\"", - "type": "string" - }, - "adminUsername": { - "description": "Specifies the name of the administrator account.

**Restriction:** Cannot end in \".\"

**Disallowed values:** \"administrator\", \"admin\", \"user\", \"user1\", \"test\", \"user2\", \"test1\", \"user3\", \"admin1\", \"1\", \"123\", \"a\", \"actuser\", \"adm\", \"admin2\", \"aspnet\", \"backup\", \"console\", \"david\", \"guest\", \"john\", \"owner\", \"root\", \"server\", \"sql\", \"support\", \"support_388945a0\", \"sys\", \"test2\", \"test3\", \"user4\", \"user5\".

**Minimum-length:** 1 character

**Max-length:** 20 characters", - "type": "string" - }, - "enableCSIProxy": { - "description": "For more details on CSI proxy, see the [CSI proxy GitHub repo](https://github.com/kubernetes-csi/csi-proxy).", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "gmsaProfile": { - "description": "The Windows gMSA Profile in the Managed Cluster.", - "oneOf": [ - { - "$ref": "#/definitions/WindowsGmsaProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "licenseType": { - "description": "The license type to use for Windows VMs. See [Azure Hybrid User Benefits](https://azure.microsoft.com/pricing/hybrid-benefit/faq/) for more details.", - "oneOf": [ - { - "enum": [ - "None", - "Windows_Server" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "adminUsername" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfile": { - "description": "Workload Auto-scaler profile for the managed cluster.", - "properties": { - "keda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileKeda" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "verticalPodAutoscaler": { - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileKeda": { - "description": "KEDA (Kubernetes Event-driven Autoscaling) settings for the workload auto-scaler profile.", - "properties": { - "enabled": { - "description": "Whether to enable KEDA.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler": { - "properties": { - "addonAutoscaling": { - "description": "Whether VPA add-on is enabled and configured to scale AKS-managed add-ons.", - "oneOf": [ - { - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enabled": { - "description": "Whether to enable VPA add-on in cluster. Default value is false.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "enabled" - ], - "type": "object" - }, - "ManagedServiceIdentityUserAssignedIdentitiesValue": { - "properties": {}, - "type": "object" - }, - "ManualScaleProfile": { - "description": "Specifications on number of machines.", - "properties": { - "count": { - "description": "Number of nodes.", - "oneOf": [ - { - "maximum": 1000, - "minimum": 0, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sizes": { - "description": "The list of allowed vm sizes. AKS will use the first available one when scaling. If a VM size is unavailable (e.g. due to quota or regional capacity reasons), AKS will use the next size.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "NetworkMonitoring": { - "description": "This addon can be used to configure network monitoring and generate network monitoring data in Prometheus format", - "properties": { - "enabled": { - "description": "Enable or disable the network monitoring plugin on the cluster", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PortRange": { - "description": "The port range.", - "properties": { - "portEnd": { - "description": "The maximum port that is included in the range. It should be ranged from 1 to 65535, and be greater than or equal to portStart.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "portStart": { - "description": "The minimum port that is included in the range. It should be ranged from 1 to 65535, and be less than or equal to portEnd.", - "oneOf": [ - { - "maximum": 65535, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "description": "The network protocol of the port.", - "oneOf": [ - { - "enum": [ - "TCP", - "UDP" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PowerState": { - "description": "Describes the Power State of the cluster", - "properties": { - "code": { - "description": "Tells whether the cluster is Running or Stopped", - "oneOf": [ - { - "enum": [ - "Running", - "Stopped" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "PrivateEndpoint": { - "description": "Private endpoint which a connection belongs to.", - "properties": { - "id": { - "description": "The resource ID of the private endpoint", - "type": "string" - } - }, - "type": "object" - }, - "PrivateEndpointConnectionProperties": { - "description": "Properties of a private endpoint connection.", - "properties": { - "privateEndpoint": { - "description": "The resource of private endpoint.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpoint" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "privateLinkServiceConnectionState": { - "description": "A collection of information about the state of the connection between service consumer and provider.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateLinkServiceConnectionState" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "privateLinkServiceConnectionState" - ], - "type": "object" - }, - "PrivateLinkResource": { - "description": "A private link resource", - "properties": { - "groupId": { - "description": "The group ID of the resource.", - "type": "string" - }, - "id": { - "description": "The ID of the private link resource.", - "type": "string" - }, - "name": { - "description": "The name of the private link resource.", - "type": "string" - }, - "requiredMembers": { - "description": "The RequiredMembers of the resource", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "description": "The resource type.", - "type": "string" - } - }, - "type": "object" - }, - "PrivateLinkServiceConnectionState": { - "description": "The state of a private link service connection.", - "properties": { - "description": { - "description": "The private link service connection description.", - "type": "string" - }, - "status": { - "description": "The private link service connection status.", - "oneOf": [ - { - "enum": [ - "Pending", - "Approved", - "Rejected", - "Disconnected" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "RelativeMonthlySchedule": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalMonths": { - "description": "Specifies the number of months between each set of occurrences.", - "oneOf": [ - { - "maximum": 6, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekIndex": { - "description": "Specifies on which instance of the allowed days specified in daysOfWeek the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "First", - "Second", - "Third", - "Fourth", - "Last" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalMonths", - "weekIndex", - "dayOfWeek" - ], - "type": "object" - }, - "ResourceReference": { - "description": "A reference to an Azure resource.", - "properties": { - "id": { - "description": "The fully qualified Azure resource id.", - "type": "string" - } - }, - "type": "object" - }, - "SafeguardsProfile": { - "description": "The Safeguards profile.", - "properties": { - "excludedNamespaces": { - "description": "List of namespaces excluded from Safeguards checks", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "level": { - "description": "The Safeguards level to be used. By default, Safeguards is enabled for all namespaces except those that AKS excludes via systemExcludedNamespaces", - "oneOf": [ - { - "enum": [ - "Off", - "Warning", - "Enforcement" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "version": { - "description": "The version of constraints to use", - "type": "string" - } - }, - "required": [ - "level" - ], - "type": "object" - }, - "ScaleProfile": { - "description": "Specifications on how to scale a VirtualMachines agent pool.", - "properties": { - "manual": { - "description": "Specifications on how to scale the VirtualMachines agent pool to a fixed size.", - "oneOf": [ - { - "items": { - "$ref": "#/definitions/ManualScaleProfile" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "Schedule": { - "description": "One and only one of the schedule types should be specified. Choose either 'daily', 'weekly', 'absoluteMonthly' or 'relativeMonthly' for your maintenance schedule.", - "properties": { - "absoluteMonthly": { - "description": "For schedules like: 'recur every month on the 15th' or 'recur every 3 months on the 20th'.", - "oneOf": [ - { - "$ref": "#/definitions/AbsoluteMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "daily": { - "description": "For schedules like: 'recur every day' or 'recur every 3 days'.", - "oneOf": [ - { - "$ref": "#/definitions/DailySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "relativeMonthly": { - "description": "For schedules like: 'recur every month on the first Monday' or 'recur every 3 months on last Friday'.", - "oneOf": [ - { - "$ref": "#/definitions/RelativeMonthlySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "weekly": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "oneOf": [ - { - "$ref": "#/definitions/WeeklySchedule" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "ServiceMeshProfile": { - "description": "Service mesh profile for a managed cluster.", - "properties": { - "istio": { - "description": "Istio service mesh configuration.", - "oneOf": [ - { - "$ref": "#/definitions/IstioServiceMesh" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "mode": { - "description": "Mode of the service mesh.", - "oneOf": [ - { - "enum": [ - "Istio", - "Disabled" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "mode" - ], - "type": "object" - }, - "SnapshotProperties": { - "description": "Properties used to configure a node pool snapshot.", - "properties": { - "creationData": { - "description": "CreationData to be used to specify the source agent pool resource ID to create this snapshot.", - "oneOf": [ - { - "$ref": "#/definitions/CreationData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "snapshotType": { - "description": "The type of a snapshot. The default is NodePool.", - "oneOf": [ - { - "enum": [ - "NodePool", - "ManagedCluster" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "SysctlConfig": { - "description": "Sysctl settings for Linux agent nodes.", - "properties": { - "fsAioMaxNr": { - "description": "Sysctl setting fs.aio-max-nr.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsFileMax": { - "description": "Sysctl setting fs.file-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsInotifyMaxUserWatches": { - "description": "Sysctl setting fs.inotify.max_user_watches.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fsNrOpen": { - "description": "Sysctl setting fs.nr_open.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "kernelThreadsMax": { - "description": "Sysctl setting kernel.threads-max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreNetdevMaxBacklog": { - "description": "Sysctl setting net.core.netdev_max_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreOptmemMax": { - "description": "Sysctl setting net.core.optmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemDefault": { - "description": "Sysctl setting net.core.rmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreRmemMax": { - "description": "Sysctl setting net.core.rmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreSomaxconn": { - "description": "Sysctl setting net.core.somaxconn.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemDefault": { - "description": "Sysctl setting net.core.wmem_default.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netCoreWmemMax": { - "description": "Sysctl setting net.core.wmem_max.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4IpLocalPortRange": { - "description": "Sysctl setting net.ipv4.ip_local_port_range.", - "type": "string" - }, - "netIpv4NeighDefaultGcThresh1": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh1.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh2": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh2.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4NeighDefaultGcThresh3": { - "description": "Sysctl setting net.ipv4.neigh.default.gc_thresh3.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpFinTimeout": { - "description": "Sysctl setting net.ipv4.tcp_fin_timeout.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveProbes": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_probes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpKeepaliveTime": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_time.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxSynBacklog": { - "description": "Sysctl setting net.ipv4.tcp_max_syn_backlog.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpMaxTwBuckets": { - "description": "Sysctl setting net.ipv4.tcp_max_tw_buckets.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpTwReuse": { - "description": "Sysctl setting net.ipv4.tcp_tw_reuse.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netIpv4TcpkeepaliveIntvl": { - "description": "Sysctl setting net.ipv4.tcp_keepalive_intvl.", - "oneOf": [ - { - "maximum": 90, - "minimum": 10, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackBuckets": { - "description": "Sysctl setting net.netfilter.nf_conntrack_buckets.", - "oneOf": [ - { - "maximum": 524288, - "minimum": 65536, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "netNetfilterNfConntrackMax": { - "description": "Sysctl setting net.netfilter.nf_conntrack_max.", - "oneOf": [ - { - "maximum": 2097152, - "minimum": 131072, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmMaxMapCount": { - "description": "Sysctl setting vm.max_map_count.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmSwappiness": { - "description": "Sysctl setting vm.swappiness.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "vmVfsCachePressure": { - "description": "Sysctl setting vm.vfs_cache_pressure.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeInWeek": { - "description": "Time in a week.", - "properties": { - "day": { - "description": "The day of the week.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "hourSlots": { - "description": "Each integer hour represents a time range beginning at 0m after the hour ending at the next hour (non-inclusive). 0 corresponds to 00:00 UTC, 23 corresponds to 23:00 UTC. Specifying [0, 1] means the 00:00 - 02:00 UTC time range.", - "oneOf": [ - { - "items": { - "maximum": 23, - "minimum": 0, - "type": "integer" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "TimeSpan": { - "description": "For example, between 2021-05-25T13:00:00Z and 2021-05-25T14:00:00Z.", - "properties": { - "end": { - "description": "The end of a time span", - "format": "date-time", - "type": "string" - }, - "start": { - "description": "The start of a time span", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "TrustedAccessRoleBindingProperties": { - "description": "Properties for trusted access role binding", - "properties": { - "roles": { - "description": "A list of roles to bind, each item is a resource type qualified role name. For example: 'Microsoft.MachineLearningServices/workspaces/reader'.", - "oneOf": [ - { - "items": { - "type": "string" - }, - "type": "array" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "sourceResourceId": { - "description": "The ARM resource ID of source resource that trusted access is configured for.", - "type": "string" - } - }, - "required": [ - "sourceResourceId", - "roles" - ], - "type": "object" - }, - "UpgradeOverrideSettings": { - "description": "Settings for overrides when upgrading a cluster.", - "properties": { - "forceUpgrade": { - "description": "Whether to force upgrade the cluster. Note that this option instructs upgrade operation to bypass upgrade protections such as checking for deprecated API usage. Enable this option only with caution.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "until": { - "description": "Until when the overrides are effective. Note that this only matches the start time of an upgrade, and the effectiveness won't change once an upgrade starts even if the `until` expires as upgrade proceeds. This field is not set by default. It must be set for the overrides to take effect.", - "format": "date-time", - "type": "string" - } - }, - "type": "object" - }, - "UserAssignedIdentity": { - "description": "Details about a user assigned identity.", - "properties": { - "clientId": { - "description": "The client ID of the user assigned identity.", - "type": "string" - }, - "objectId": { - "description": "The object ID of the user assigned identity.", - "type": "string" - }, - "resourceId": { - "description": "The resource ID of the user assigned identity.", - "type": "string" - } - }, - "type": "object" - }, - "VirtualMachineNodes": { - "description": "Current status on a group of nodes of the same vm size.", - "properties": { - "count": { - "description": "Number of nodes.", - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "size": { - "description": "The VM size of the agents used to host this group of nodes.", - "type": "string" - } - }, - "type": "object" - }, - "VirtualMachinesProfile": { - "description": "Specifications on VirtualMachines agent pool.", - "properties": { - "scale": { - "description": "Specifications on how to scale a VirtualMachines agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ScaleProfile" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "type": "object" - }, - "WeeklySchedule": { - "description": "For schedules like: 'recur every Monday' or 'recur every 3 weeks on Wednesday'.", - "properties": { - "dayOfWeek": { - "description": "Specifies on which day of the week the maintenance occurs.", - "oneOf": [ - { - "enum": [ - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday" - ], - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "intervalWeeks": { - "description": "Specifies the number of weeks between each set of occurrences.", - "oneOf": [ - { - "maximum": 4, - "minimum": 1, - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "intervalWeeks", - "dayOfWeek" - ], - "type": "object" - }, - "WindowsGmsaProfile": { - "description": "Windows gMSA Profile in the managed cluster.", - "properties": { - "dnsServer": { - "description": "Specifies the DNS server for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - }, - "enabled": { - "description": "Specifies whether to enable Windows gMSA in the managed cluster.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "rootDomainName": { - "description": "Specifies the root domain name for Windows gMSA.

Set it to empty if you have configured the DNS server in the vnet which is used to create the managed cluster.", - "type": "string" - } - }, - "type": "object" - }, - "managedClusters_agentPools_childResource": { - "description": "Microsoft.ContainerService/managedClusters/agentPools", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the agent pool.", - "oneOf": [ - { - "maxLength": 12, - "minLength": 1, - "pattern": "^[a-z][a-z0-9]{0,11}$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties of an agent pool.", - "oneOf": [ - { - "$ref": "#/definitions/ManagedClusterAgentPoolProfileProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "agentPools" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_maintenanceConfigurations_childResource": { - "description": "Microsoft.ContainerService/managedClusters/maintenanceConfigurations", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the maintenance configuration.", - "type": "string" - }, - "properties": { - "description": "Properties of a default maintenance configuration.", - "oneOf": [ - { - "$ref": "#/definitions/MaintenanceConfigurationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "maintenanceConfigurations" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_privateEndpointConnections_childResource": { - "description": "Microsoft.ContainerService/managedClusters/privateEndpointConnections", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of the private endpoint connection.", - "type": "string" - }, - "properties": { - "description": "The properties of a private endpoint connection.", - "oneOf": [ - { - "$ref": "#/definitions/PrivateEndpointConnectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "privateEndpointConnections" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - }, - "managedClusters_trustedAccessRoleBindings_childResource": { - "description": "Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings", - "properties": { - "apiVersion": { - "enum": [ - "2024-02-02-preview" - ], - "type": "string" - }, - "name": { - "description": "The name of trusted access role binding.", - "oneOf": [ - { - "maxLength": 24, - "minLength": 1, - "pattern": "^([A-Za-z0-9-])+$", - "type": "string" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "properties": { - "description": "Properties for trusted access role binding", - "oneOf": [ - { - "$ref": "#/definitions/TrustedAccessRoleBindingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "enum": [ - "trustedAccessRoleBindings" - ], - "type": "string" - } - }, - "required": [ - "name", - "properties", - "apiVersion", - "type" - ], - "type": "object" - } - } -} \ No newline at end of file diff --git a/schemas/common/autogeneratedResources.json b/schemas/common/autogeneratedResources.json index ab4d6df4d4..7b570a203a 100644 --- a/schemas/common/autogeneratedResources.json +++ b/schemas/common/autogeneratedResources.json @@ -9436,1116 +9436,6 @@ { "$ref": "https://schema.management.azure.com/schemas/2023-11-01-preview/Microsoft.ContainerRegistry.json#/resourceDefinitions/registries_webhooks" }, - { - "$ref": "https://schema.management.azure.com/schemas/2016-03-30/Microsoft.ContainerService.Aks.json#/resourceDefinitions/containerServices" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2016-09-30/Microsoft.ContainerService.Aks.json#/resourceDefinitions/containerServices" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2017-01-31/Microsoft.ContainerService.Aks.json#/resourceDefinitions/containerServices" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2017-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/containerServices" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2017-08-31/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2018-03-31/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2018-08-01-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2018-09-30-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/openShiftManagedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-04-30/Microsoft.ContainerService.Aks.json#/resourceDefinitions/openShiftManagedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-09-30-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/openShiftManagedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-10-27-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/openShiftManagedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2019-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-12-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-12-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-12-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-12-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-11-01-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/fleets" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/fleets_members" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/fleets" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/fleets_members" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-08-03-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/fleets" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/fleets_members" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2022-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-03-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-04-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-05-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-06-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-07-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-08-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-09-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-10-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2023-11-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-01-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-01/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_agentPools" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_maintenanceConfigurations" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_privateEndpointConnections" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedClusters_trustedAccessRoleBindings" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/managedclustersnapshots" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2024-02-02-preview/Microsoft.ContainerService.Aks.json#/resourceDefinitions/snapshots" - }, { "$ref": "https://schema.management.azure.com/schemas/2022-06-02-preview/Microsoft.ContainerService.Fleet.json#/resourceDefinitions/fleets" },